More of our personal lives and business activities are being conducted online than ever, making cybersecurity a key issue of our time. Understanding what the future of cybersecurity is will show you how to make the best use of your resources and stay safe not just today, but tomorrow too.
The future of cybersecurity is hard to predict because the industry is constantly evolving in response to the shifting behaviors of cybercriminals and the new attacks they develop. For example, the number of global ransomware hacks increased by nearly 25% between 2018 and 2019, prompting cybersecurity developers and businesses to create new software to counter the trend.
Nobody can tell exactly what the next major cyber threat will be or where it will come from, but experts still have a good idea of the general direction that we’re heading in. Although tomorrow is never certain, paying attention to the cybersecurity predictions listed below will help you to future-proof your business and other online activities. So, what is the future of cybersecurity?
How does your cybersecurity stack up? Let's hear from you
Take our short survey on Cybersecurity and you could win an Amazon Kindle Fire tablet plus three Cybersecurity eBooks courtesy of ESME.
1. Artificial Intelligence (AI) will be a core component of all cybersecurity systems
Over the last few years, Artificial Intelligence (AI) has, as a technology, come to fruition in many industries. Today, AI and machine learning algorithms can be used to automate tasks, crunch data, and make decisions far faster than a human ever could.
However, new technologies, including AI, inherently create cybersecurity risks as potential exploits are poorly understood at the time of release. This means that, with more organizations relying on machine learning for mission-critical operations, AI systems are sure to become a major target for hackers. In response, future cybersecurity software and personnel will be forced to develop techniques to detect and counteract AI corruption attacks.
AI won’t just change the cybersecurity world by giving hackers a new way to get to target organizations, though. Cybersecurity developers will themselves use AI to address vulnerabilities, detect security issues before they can be taken advantage of, and repel cyberattacks once they’ve begun.
Future developers may, for example, embed AI in user interfaces to warn people about risky websites or poor-quality security choices. AI may also be used to create simulated network attacks, revealing any weak points so they can be patched.
2. The cybersecurity industry will focus on cyber warfare threats
Over the course of the last decade, the world saw an uptick in state-run or state-sanctioned cyber-warfare. This trend began in 2010 with Stuxnet, a worm implanted on Iranian uranium centrifuge computers to trigger equipment failure. By 2017, Sandworm, a Russian-backed hacking group was boldly going after a broad range of targets, from American corporations to Eastern European energy grids.
Many now believe that cyberwarfare, where one nation hacks or embeds viruses in the computer systems of another, will become the frontier on which wars are fought around the world. Small nations and emerging economies may well turn to this avenue if they don’t have the resources or political support to get involved in traditional conflicts.
In the future, cybersecurity businesses will have to find ways to make key pieces of infrastructure, those which would make appealing targets during a cyberwar, more resilient to digital intrusions. This work could include adding multiple layers of security to traffic systems, airport management networks, and hospital databases.
3. There’ll be more hackers to deal with
According to a study carried out by a Michel Cukier, a University of Maryland researcher, computer hacks have become so frequent that they are now occurring, on average, every 39 seconds. The majority of cyberattacks are done using automated scripts that crawl through databases and digital addresses, searching for vulnerabilities to exploit.
Each attack script has to be written by a tech-savvy person, and there’s good reason to believe that the number of people with the skills and motivation to run them will grow in the future. In developing countries, education standards are improving, creating a massive expansion of the tech workforce. Sadly, in many areas where this is the case, there aren’t sufficient jobs for these trained workers, causing them to turn to cybercrime or hacking instead.
4. Developing cybersecurity talent becomes essential
With cyberattacks growing in frequency year-on-year, companies are having to spend more than ever on protecting themselves. Current projections suggest that the global cybersecurity market will be worth around $42 billion in 2020 alone. However, there’s only so much that paid-for software can do to protect businesses. Larger security spends don’t achieve anything unless protective applications are implemented and run by someone with adequate information security (infosec) skills.
The problem is that there’s actually an enormous shortage of workers with such skills at the moment. A study by the Global Information Security Workforce estimates that, by 2022, the gap between open positions and qualified personnel will widen to almost two million jobs.
In this environment, it will be expensive and difficult for companies to hire the cybersecurity experts they desperately require. Prudent organizations will, therefore, invest heavily in infosec training for their current workers. Already, numerous ethical hacking courses, like Cybrary, are available so that IT professionals can become white hat hackers.
5. Legacy tech will continue to be an issue
As highlighted by 2017’s WannaCry ransomware attack, which infected over 200,000 computers running older versions of Windows in 150 countries, legacy systems present a major cybersecurity risk.
The reasons for this are numerous. First off, there’s little motivation for manufacturers to continue releasing security patches for out-of-date systems, even when new vulnerabilities become common knowledge. Then there’s the problem of legacy dependencies, whereby a secondary piece of legacy tech, which a piece of hardware or software can’t be run without, introduces its own security vulnerabilities.
Despite this, companies around the world are continuing to expose themselves to cyber risk by continuing to use vulnerable legacy technology. Usually, this is done to save money or because the business doesn’t recognize the security benefits offered by upgrading.
In the future, there’s no reason to believe this won’t still be a problem. In fact, it might well get worse. Many companies and consumers are perfectly satisfied with the performance of their current generation servers, desktops, and smartphones. When today’s cutting-edge turns into tomorrow’s legacy, a large proportion of them won’t want to upgrade, and hackers are sure to take notice. Cybersecurity businesses and professionals need to be prepared for that.