What’s impacting the cybersecurity landscape?


Cybersecurity is the most rapidly evolving of fields. Its very nature means that professionals are constantly behind the eight ball – they must wait for a threat to be posed, then respond to that threat as quickly as possible. With no effective way to fireproof the playing field this will always be a game of putting out spot fires.

But despite the unpredictability of cybersecurity, broader trends nonetheless become evident over time. And identifying and understanding these trends is key to forming appropriate countermeasures.

At EY it’s our mission to identify and understand such trends, and to help companies enact the insights that are drawn from the findings. So let’s take a look at the key trends that all security-conscious organisations should keep front of mind in the coming 12 months.

The key trends that will drive the evolution of cybersecurity in the next year

Up until around 12 months ago, cybersecurity was dominated by ‘fear of breach’ – the reputational damage of a data loss event, or a breach of confidentiality. Following the large global cyber incidents caused by WannaCry and Petya, there was a shift in attitude, and the principles of availability and integrity of systems and data came to the fore. I think the coming year will see increased focus on cyber resilience and how the availability and integrity of systems and data underpin the digital organisations many institutions have become.

Another area where we are seeing lots of demand is third-party cyber risk. How do you secure your supply chain? How do you know that the counterparties you send data to, or rely upon to run key systems, are cyber secure?

The spectre of regulation will continue to dominate too. We have already seen the first big cyber incident following the go-live of the General Data Protection Regulation (GDPR). How will the regulator respond? Will more organisations seek to get an understanding of their GDPR readiness posture? The EY Global Forensic Data Analytics Survey 2018 found that only 12% of companies in the Asia-Pacific region are ready for GDPR.

The impact of IoT and AI development on cybersecurity

The Internet of Things (IoT) has changed the cybersecurity threat landscape forever. Suddenly devices that have little or no inbuilt security are connected to the internet, and are increasingly being connected to corporate IT systems. This creates a relatively easy access path for any would-be attacker. What’s more, these systems often control industrial processes where health and safety is a genuine concern, so any cybersecurity failings in the IoT systems might not just be embarrassing, but fatal.

As a result of this we are seeing industries that had previously not considered themselves to be impacted by cyber risk becoming very focused on it. Organisations are refreshing their identity management platforms to cope with greater access control requirements around IoT, implementing analytics-based monitoring of OT networks, and stepping up the governance of their IT/OT converged systems. More than ever, physical security and cybersecurity are coming together.

Artificial intelligence (AI) has two main impacts on cybersecurity:

  1. The cyber risk of AI-enabled processes: This concerns the confidentiality, integrity and availability of systems and data. Cybersecurity can’t be an afterthought - security by design is paramount. There must be as much focus on securing the AI as on developing it in the first place.
  2. Securing the organisation: Just as an organisation should be looking to secure its AI, AI should be used to secure the organisation. AI is being utilised more and more in performing cybersecurity tasks.

The prime threat to your company may not be what you think

The biggest threat today is not outside your organisation. It might not even be an attack. It instead comes from the careless actions of insiders - an employee accidentally emails confidential customer information outside of the organisation, a contractor promotes defective code to the live environment, or a supplier stores sensitive corporate information on a hard drive that is lost or stolen.

In response, companies are focusing on:

  1. Cyber awareness: Always the best (and cheapest) form of prevention.
  2. Data identification, protection and identity management: This helps to get an understanding of where critical data and systems are and who can access them.
  3. Stepping up monitoring capability: Perhaps implementing a security operations capability for the first time, or improving the existing one through automation and analytics.
  4. Incident response: What’s the best thing to do if you can’t prevent a cyber incident? Making sure you handle it well and get back on your feet as quickly as possible.

The skills and training that will prepare cybersecurity specialists for the future

The cybersecurity profession is gravitating around two main skill sets.

Cyber risk management is all about extending traditional risk management processes and systems to the realm of cyber - a more managerial discipline. Technical cybersecurity is more similar to mainstream IT, requiring a good understanding of networks, applications and data, but with a lens of ‘what could go wrong?’ or ‘where are the vulnerabilities?’

Condensing the broad and complex subject of cybersecurity trends into a few key takeaways will never tell the full story. But by understanding the significance of the threat, an organisation can at the very least devote the appropriate attention and resources to mitigating the risks that digital breaches pose.

You may not be able to completely fireproof your organisation. But the strength and effectiveness of your firefighting force is well within your control.


Richard Watson

APAC Cybersecurity Lead Partner at EY

Great insights Richard. Completely agree with your views on strengthening an organization and why it starts from within.

Guillaume Garbey

Senior Account Executive @ Cyera

5 years ago

Very good article - What about cloud in this landscape?

Leonard Yong, M.Acc

Author: "Lessons in Corporate Governance from the Global Financial Crisis", Author: "Confucius Says No"

5 years ago

The cybersecurity landscape becomes more complex as we move into quantum computing.?

Paul van Kessel

Independent cybersecurity professional and boardroom consultant

5 years ago

Great summary Richard. I recognize all points made. Advising a Cybersecurity startup and discussing this article, the following thoughts came up as well: convergence of cyber and physical security, more open and expanding (internationally) eco-systems and the ‘zero trust’ concept of Cybersecurity. Hope we will find time to compare notes in the near future.
