2020 Cybersecurity/Data Protection Predictions

No one has a crystal ball. But we’re looking at trends, statistics, and several other factors as predictors for what to expect in 2020. Here are several predictions with a very high probability of becoming facts next year.

AI will have a more prominent role in cyberattacks.
The news is full of stories of how AI is being implemented to control data centers, automobiles and even spot cancer in human beings, to name just a few. With all the good that AI can offer mankind, it will be utilized for bad and the probability that AI will be used as part of cyberattacks is very high. 

The ransomware epidemic will get worse in 2020.
It all started 30 years ago in 1989 with the AIDS Trojan and it’s only gotten worse after 30 years. According to a new Emsisoft report, “In the first nine months of 2019, at least 621 government entities, healthcare service providers and school districts, colleges, and universities were affected by ransomware.” The latest ransomware infections this month in Pensacola, Florida and New Orleans show that ransomware will continue to make the news in 2020 and since ransomware continues evolving, it’s going to get worse.

The public cloud will become a growing target for cyberattacks.
Public cloud migration has been occurring at a staggering pace over the past several years and the data center to cloud migration continues in 2020. AWS, Microsoft Azure, Google, and others have not had cyberattacks targeting them directly, but as mainstream cloud services continue to grow, they will also become a growing target for cyberattacks.

Cloud data breaches will grow.
Since the public cloud migration continues to grow with organizations moving more and more workloads to the cloud, we’ll be hearing about many more data breaches as a result. We’ve already seen how misconfigurations, sloppy security practices, and security hygiene have all contributed to data breaches in the past. The Capital One breech was a good high profile example of where an AWS bucket was misconfigured exposing data and we can expect to hear about many more in the future.

Ransomware payments made will increase in 2020.
Counter to the advice from the FBI and Homeland Security, ransom payments continue to be made in order to recover from ransomware. Government agencies have paid ransoms as have private enterprises with the justification that the ransom payment was less than the cost to recover from the ransomware event. Ransomware is a big business and ransomware creators have shifted their primary focus to making money. Ransomware targets are being selected with the focus on the maximum probability of receiving payment.

Compromising backups will grow as a target of cyberattacks.
The ransomware authors know that if they can cripple an organization’s ability to recover from backups, the more likely a ransomware payment will be made. Unfortunately, the majority of backup solutions do not protect backups from ransomware. Bearing this in mind, it’s up to the organization to protect themselves from ransomware and ultimately protecting their backups to ensure they’ll be able to recover in case they’re infected by ransomware. There have been many backup infection examples destroying backups and destruction of backups while nullifying restoration attempts will grow as a target of cyberattacks.

Phishing attacks will grow.
According to technology market research firm, The Radicati Group’s email statistics report, the typical business email user will receive an average of about 96 emails a day. If you multiply 96 by your company headcount, you’ll quickly realize the email volume coming into your company on a daily basis. Now consider whether you’ve provided employees with security awareness training while recognizing that users are the weakest link due to human error, complacency and bad habits of clicking on things like links and attachments. Cybercriminals know that an enterprise is only a mouse click away from infection via email because it only takes a single user to click on something they shouldn’t have.

US Government will push data protection, privacy, and security legislation.
It’s obvious that companies like Facebook, Twitter, Google, and so many others do not protect user data or privacy and that legislation with teeth is necessary to stop the privacy and data abuse that has been allowed to happen in the US. State Government is already stepping up and as a result, the federal government will begin to address the issues, even if at a glacial pace.

About the Author

Joe is a talented and seasoned executive with over 30 years of extensive experience in cloud services, information technology, cybersecurity, and data communications with a diverse background in both private / corporate as well as public sector settings.
With more than 30 years of experience in the areas of Development, Engineering, Marketing, Product Management and Network Operations, Mr. Merces brings a great depth of experience drawn from his many years in the Information Technology, Telecommunications and Manufacturing industries.
Joe holds 3 patents in data communications, is a graduate of Stevens Institute of Technology, where he received a Master of Science degree in the Management of Technology and has a Bachelor of Science degree in Computer Science from Kean University.

The Latest Blogs