C3 has merged with Ingalls Read Press Release >>

Cybersecurity Predictions for 2019

Steel Root co-founder Ryan Heidorn muses on cybersecurity predictions for the year ahead.

You know what they say—New Year, new cyber threats. As technology advances, threats to security and privacy remain a top concern. Whether you’re an individual, company, or nation-state, focusing on cybersecurity in this new year is as important as ever. Here are our predictions for 2019:

State-sponsored cyber attacks take center stage.

The US will increasingly name nation-states as cyber threat actors (China, Russia, Iran, DPRK, and Venezuela). The Trump administration, under its new national cyber strategy, will threaten other nations with cyberattack or retaliation. State-sponsored hackers will execute further proof-of-concept attacks targeting industrial control systems (ICS/SCADA).

The spotlight’s on election tampering.

As voters in democratic nations across the world take to the polls, there will be increased scrutiny and threat activity around disinformation campaigns and election tampering. Look to elections in India and African nations like DR Congo, Nigeria, and South Africa as examples.

States move to fill the federal gap in data privacy law.

Even with shocking privacy violations by companies like Facebook making headlines at an increasing rate, the US will continue to drag its feet on federal data privacy policy. To fill the gap, more states will signal that they will take matters into their own hands and pursue policies like California’s that strongly protect data privacy.

It’ll be the year of NIST.

The NIST Cyber Security Framework (CSF) is quickly becoming the de facto standard for private sector companies across many industries. We expect that all federal contractors under FAR (Federal Acquisition Regulation) will become subject to the same cybersecurity requirements (NIST SP 800-171) as their Department of Defense counterparts. Security vendors will scramble to align their products with NIST controls as companies increasingly look to NIST frameworks for guidance. (Note: at the time of posting, the NIST CSF link was unavailable due to government shutdown.)

Authentication will require more focus.

Attacks using spoofed biometrics and other forms of single-factor authentication (like traditional passwords) will drive urgency for organizations to adopt strong forms of two-factor authentication, including universal second factor (U2F). Identity and access management (IAM) becomes a ubiquitous line item on IT budgets.

2019 will be a great year.

We sure hope so! Happy New Year from all of us at Steel Root. Don’t forget to update the copyright year on your website. 😉