Sixth Annual Cybersecurity Trends from TÜV Rheinland
For the sixth year in a row, TÜV Rheinland is publishing its annual forecast of cybersecurity trends, gathered from its world-leading cybersecurity experts in Europe, Asia and North America. In the current report, TÜV Rheinland writes that companies are increasingly recognizing cyberattacks as a central business risk and are beginning to align their organizations accordingly. The trends also address how strongly cybercrime influences technologies such as Operational Technology (OT) in industry and the Internet of Things (IoT), why skills shortages could become a growing problem, and what role concepts such as red teaming or agile security are likely to play. Below are the highlights of the eight cybersecurity trends that TÜV Rheinland has identified for 2019:
TREND 1: Cybersecurity has become a topic for the management level
Until recently, lack of cybersecurity was not seen as a business risk, but as an IT problem. Despite years of warnings, it was only the effects of the NotPetya cyberattack in 2017 that changed this view. Several large companies reported losses as a result of this attack, including logistics companies Maersk and FedEx, advertising company WPP, and household goods manufacturer Reckitt Benckiser. These companies have reportedly each lost up to hundreds of millions of euros. This makes NotPetya the most expensive cyberattack to date. At the same time, breaches of data protection remain a cause for concern. Risks associated with a lack of cybersecurity have evolved from a hypothetical problem to a recognized business risk. This realization is now leading to long-term changes in the management of cybersecurity risks and the question of who is responsible for this problem.
TREND 2: Industrial cybersecurity is years behind general IT security
In an Operational Technology (OT) system, computers detect or modify physical processes by controlling and monitoring devices such as electric motors, valves or relays. They are used, for example, by energy and water suppliers as well as in industrial facilities. Although the lack of cybersecurity of OT systems can have serious consequences, industrial cybersecurity has long been neglected and has been characterized by both indifference and underinvestment. Today, the risks of neglecting the protection of OT systems have fundamentally changed due to new technologies and geopolitical tensions. This applies, in particular, to security monitoring systems. If something can become a target for attack – and we must assume that this can happen at any time – those responsible should do everything possible to prevent the success of such an attack.
TREND 3: Standards pose a challenge for IoT cybersecurity
Standards organizations and industries around the world are developing the security and privacy standards needed to secure the next stage of development in the Internet of Things (IoT) and Operational Technology (OT). Although these efforts are well intentioned, it can be confusing and time consuming for manufacturers to find out which of these regional and industry standards they need to consider. Particularly affected are global companies that need to understand how to ensure compliance when developing their products. The existence of competing standards could therefore lead to a waste of time.
TREND 4: The pressure caused by the GDPR represents a turning point for consumer data protection.
The European Union (EU) General Data Protection Regulation (GDPR), enforced as of May 2018, held many unknowns. A few short months later, a hospital in Portugal was fined 400,000 euros by the Portuguese Data Protection Authority for alleged unrestricted access to patient files and information. Although overall enforcement is relatively slow to start and the first fines imposed were rather low, it is clear that the GDPR will have a significant impact on data protection not only in the EU, but worldwide. For most industries, it will simply be cheaper to develop and design their products and services to meet the highest global standards, rather than limit themselves to geographically limited privacy.
TREND 5: The shortage of skilled workers in cybersecurity will distort the labour market
While the importance of cybersecurity has increased, the number of staff needed to meet the specific cybersecurity demands has not. It is estimated that by 2020, there could be a shortage of 1.5 million skilled workers worldwide. It is estimated that this figure could more than double by 2021. Such an extreme shortage of skilled workers often leads to market distortions: larger, financially stable organizations and service providers are able to recruit competent staff, while smaller companies may have problems in some sectors. Inevitably, this not only makes cybersecurity more expensive, but also economically affects supply chains that connect large and small businesses. In terms of the long-term interests of the industrial economy, cybersecurity is of importance to the general public and should therefore be accessible to all. If this problem is not solved, there will be greater challenges in this area in the future.
TREND 6: The detection of and response to threats depends on the establishment of Security Orchestration, Automation and Response (SOAR).
The security orchestration, automation and response (SOAR) approach reduces the time required to detect incidents, accelerates threat response, and minimizes the impact of cyberattacks. The greatest added value is provided by automated threat containment workflows, which are critical in dealing with rapidly spreading malware. Other benefits of SOAR include standardization of cyberattack investigation processes, faster prioritization and response, the ability to proactively search for threats, and improved quality and efficiency of detection and response processes. However, to implement a new wave of automation with SOAR, organizations must invest and plan at a time when established investments such as Security Information & Event Management (SIEM) solutions are just beginning to pay off.
TREND 7: "Red Team" tests and agile security gain general acceptance
The terms "Red Team" test and "holistic test" have their origin in the field of penetration testing. "Red Teams" simulate how an attacker can penetrate an organization and gain access to resources under real-world conditions by exploiting existing vulnerabilities. While vulnerabilities can be found in many resources (applications, devices or infrastructures), "Red Teams" also simulate scenarios such as social engineering, hijacking social media, physical access to a building or – in extreme cases – the organization's own employees acting with malicious intentions. Unlike traditional pen testing, Red Teaming tries to understand how these factors interact and does not look at them separately. At the same time, agile security testing is becoming more important. Its goal is to eliminate as many weak points as possible during the development of software.
TREND 8: Cybersecurity decides on winners and losers of the digital economy
The modern world is rapidly developing into a digital, knowledge-based "industry 4.0" economy. This change is comparable in significance to the industrial revolution in the 18th century. A fundamental challenge in this process is to recognize how to ensure one’s own security, where the resources should come from and what global standards are needed to make development as smooth as possible. The ability to meet the security challenges of the digital economy will determine the success of economies, economic sectors and perhaps even the political systems on which they are built. It is possible that for many large organizations this will result in a simple scenario of either success or failure without a middle course.
TÜV Rheinland’s whitepaper Cybersecurity Trends 2019 provides more information and assessments on the challenges of 2019: https://www.tuv.com/cybersecuritytrends2019
TÜV Rheinland is a world-leading independent testing service provider with 145 years of tradition. More than 20,000 people work for the group around the globe. They generate annual revenue of just under 2 billion euros. The independent experts stand for quality and safety for people, technology and the environment in almost all areas of business and life. TÜV Rheinland inspects technical equipment, products and services, and supports projects, processes and information security for companies. Its experts train people in numerous professions and industries. To this end, TÜV Rheinland maintains a global network of recognized laboratories, testing facilities and training centers. Since 2006, TÜV Rheinland has been a member of the United Nations Global Compact for greater sustainability and against corruption. Website: www.tuv.com
TÜV Rheinland
Am Grauen Stein
51105 Köln
Phone: +49 (221) 806-2148
http://www.tuv.com
Press Spokesperson, Information Security
Phone: +49 (221) 806-3060
Fax: +49 (221) 806-3093
Email: Norman.Huebner@de.tuv.com