Security 2020: 4 trends to watch

Security 2020: 4 trends to watch

What are the key trends in the enterprise threat landscape in 2020? Here are four security issues you and your teams should focus on in the year ahead

up
55 readers like this
security trends 2020

3. Credential stuffing attempts increase

Pott from Juniper Networks predicts that the practice of credential stuffing – think of it as a hacker’s version of using automation to scale their operations – will be increasingly used to attack the vast number of cloud service provider accounts as a means of breaching a larger enterprise, especially those platforms under the broad umbrella of public cloud.

“As 2019 comes to a close, credential stuffing attacks are on the rise,” Pott says. “This is unsurprising as the number of credentials compromised every year increases and new records are regularly set for the size and scale of various data breaches.”

It’s another instance of “the larger the user base, the richer the target,” and Pott thinks it could lead to “the year of the cloudy compromise.”

“In the new year and beyond, security professionals would be wise to pay close attention to Software as a Service (SaaS) applications and Infrastructure as a Service (IaaS) accounts, especially those at major cloud providers,” Pott says. “Even after decades of warnings, people still reuse credentials all over the internet. Multi-factor authentication will be the best defense but remains somewhat niche in terms of real-world use.”

4. Endpoint security challenges: You ain’t seen nothin’ yet

Just as the traditional network perimeter is blurring to the point of invisibility, so too is the way we think about “endpoints.” Endpoint security used to mean protecting your users’ laptops and phones. Now it might mean securing a refrigerator, doorbell, or any of a vast number of other connected devices commonly referred to as the Internet of Things, or IoT.

“In the drive to be more efficient, greener, and responsive to market changes, [businesses are under] pressure to take advantage of IoT and industrial IoT to make this happen,” says Laurence Pitt, global security strategy director at Juniper Networks. “The bigger challenge comes from these swaths of other IoT [devices] being connected to corporate networks, where adoption often happens at the speed of business and security struggles to keep up. Many of these do not have security built-in at the device level, and so security needs to be considered as part of the overarching network posture.”

While IoT might already sound old, its security implications are really still in their beginning stages. “As new IoT is rolled out and security teams struggle to keep up with updates and patches, there will be more opportunities for criminals to abuse this vector and gain access,” Pitt says.

[ Learn the do’s and don’ts of cloud migration: Get the free eBook, Hybrid Cloud for Dummies. ]

Pages

7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Kevin Casey
May 27, 2020

What do successful Kubernetes migration projects have in common? A clear strategy, a strong culture, and the proper resources to execute the plan. Check out this expert advice

Submitted By Rick Huff
May 27, 2020

Rick Huff started as CIO at Paycor on March 9, 2020 – just in time to get a front row seat to a pandemic. Here's what he learned about handling a crisis in real time.

Submitted By Jaeson Paul
May 27, 2020

Leaders don't get the insight they need by simply asking for it: In fact, you may be derailing discussions before they start. Here's how to encourage honest feedback – and how to respond.

x

Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.