TUV Rheinland, a leading international provider of testing, inspection, and certification services, has released its Cybersecurity Trends 2019, a report that contains eight important developments in cybersecurity as identified by TUV Rheinland experts.
How well companies and large organizations can ensure the security of data and IT in the digital economy is increasingly a critical factor for their success or failure. “The modern world is rapidly transforming into a digital, knowledge-based ‘industry 4.0’ economy. This change has an equal significance to the industrial revolution,” explains Frank Luzsicza, Executive Vice President for Digital Transformation & Cybersecurity at TUV Rheinland. “That’s why the existential question for many companies will be about mastering the cyber-physical challenges of the digital economy. It may simply amount to a binary: success or failure, without the option to compromise.”
Sixth Annual Cybersecurity Trends from TUV Rheinland
For the sixth year in a row, TUV Rheinland is publishing its annual forecast of cybersecurity trends, gathered from its world-leading cybersecurity experts in Europe, Asia and North America. In the current report, TUV Rheinland writes that companies are increasingly recognizing cyberattacks as a central business risk and are beginning to align their organization accordingly. Cybersecurity trends also focus on how strongly cybercrime influences technologies such as Operational Technology (OT) in industry and the Internet of Things (IoT), why skills shortages could become a growing problem, and what role concepts such as red teaming or agile security are likely to play. Below are the highlights of the eight cybersecurity trends that TUV Rheinland has identified for 2019:
TREND 1: Cybersecurity has become a topic for the management level
Until recently, lack of cybersecurity was not seen as a business risk, but as an IT problem. Despite years of warnings, it was only the effects of the NotPetya cyberattack in 2017 that changed this view. Several large companies reported losses as a result of this attack, including logistics companies Maersk and FedEx, advertising company WPP, and household goods manufacturer Reckitt Benckiser. These companies have reportedly each lost up to hundreds of millions of euros. This makes NotPetya the most expensive cyberattack to date. At the same time, breaches of data protection remain a cause for concern. Risks associated with a lack of cybersecurity have evolved from a hypothetical problem to a recognized business risk. This realization is now leading to long-term changes in the management of cybersecurity risks and the question of who is responsible for this problem.
TREND 2: Industrial cybersecurity is years behind general IT security
In an Operational Technology (OT) system, computers recognize or modify physical processes by controlling and monitoring devices such as electric motors, valves or relays. They are used, for example, by energy and water suppliers as well as in industrial facilities. Although the lack of cybersecurity of OT systems can have serious consequences, industrial cybersecurity has long been neglected and has been characterized by both indifference and underinvestment. Today, the risks of neglecting the protection of OT systems have fundamentally changed due to new technologies and geopolitical tensions. This applies, in particular, to security monitoring systems. If something can become a target for attack – and we must assume that it can be done at any time – those responsible should do everything possible to prevent the success of such an attack.
TREND 3: Standards pose a challenge for IoT cybersecurity
Standards organizations and industries around the world are developing the security and privacy standards needed to secure the next stage of development in the Internet of Things (IoT) and Operational Technology (OT). Although well intentioned, it can be confusing and time consuming for manufacturers to find out which of these regional and industry standards they need to consider. Particularly affected are global companies that need to understand how to ensure compliance when developing their products. The existence of competing standards could therefore lead to a waste of time.
TREND 4: The pressure caused by the GDPR represents a turning point for consumer data protection.
The European Union (EU) General Data Protection Regulation (GDPR), enforced as of May 2018, held many unknowns. A few short months later, a hospital in Portugal was fined 400,000 euros by the Portuguese Data Protection Authority for alleged unrestricted access to patient files and information. Although overall enforcement is relatively slow to start and the first fines imposed were rather low, it is clear that the DSGVO will have a significant impact on data protection not only in the EU, but worldwide. For most industries, it will simply be cheaper to develop and design their products and services to meet the highest global standards, rather than limit themselves to geographically limited privacy.
TREND 5: The shortage of skilled workers in cybersecurity will distort the labour market
While the importance of cybersecurity has increased, the staff needed to meet the specific cybersecurity demands have not. It is estimated that by 2020, there could be a shortage of 1.5 million skilled workers worldwide. It is estimated that this figure could more than double by 2021. Such an extreme shortage of skilled workers often leads to market distortions: Larger, financially stable organizations and service providers are able to recruit competent staff, while smaller companies may have problems in some sectors. Inevitably, this not only makes cybersecurity more expensive, but also affects supply chains that connect large and small businesses, economically. In terms of the long-term interests of the industrial economy, cybersecurity is of importance to the general public and should therefore be accessible to all. If this problem is not solved, there will be greater challenges in this area in the future.
TREND 6: The detection of and response to threats depends on the establishment of Security Orchestration, Automation and Response (SOAR).
The security orchestration, automation and response (SOAR) approach reduces the time required to detect incidents, accelerates threat response, and minimizes the impact of cyberattacks. The greatest added value is provided by automated threat containment workflows, which are critical in dealing with rapidly spreading malicious malware. Other benefits of SOAR include standardization of cyberattack investigation processes, faster prioritization and response, the ability to proactively search for threats, and improved quality and efficiency of detection and response processes. However, to implement a new wave of automation with SOAR, organizations must invest and plan at a time when established investments such as Security Information & Event Management (SIEM) solutions are just beginning to pay off.
TREND 7: “Red Team” tests and agile security gain general acceptance
The terms “Red Team” test and “holistic test” have their origin in the field of penetration testing. “Red Teams” simulate how an attacker can penetrate an organization and gain access to resources under real-world conditions by exploiting existing vulnerabilities. While vulnerabilities can be found in many resources (applications, devices or infrastructures), “Red Teams” also simulate topics such as social engineering, hijacking social media, physical access to a building or – in extreme cases – their own employees with malicious intentions. Unlike traditional pen testing, Red Teaming tries to understand how these factors interact and does not look at them separately. At the same time, agile security testing is becoming more important. Their goal is to eliminate as many weak points as possible during the development of a software.
TREND 8: Cybersecurity decides on winners and losers of the digital economy
The modern world is rapidly developing into a digital, knowledge-based “industry 4.0” economy. This change has a similar meaning as the industrial revolution in the 18th century. A fundamental challenge in this process is to recognize how to ensure one’s own security, where the resources should come from and what global standards are needed to make development as smooth as possible. The ability to meet the security challenges of the digital economy will determine the success of economies, economic sectors and perhaps even the political systems on which they are built. It is possible that for many large organizations this will result in a simple scenario of either success or failure without a middle course.