The continued evolution of the security threat landscape stresses the capabilities of vendors, tools, and offerings—meaning it’s now paramount that teams look ahead in order to maintain the necessary level of data protection. As Continuum gazes forward into the cybersecurity horizon, there are five key trends that we think companies need to be aware of as they look at their security solutions in 2020.
1. Attacks on Managed Service Providers
In 2019, we began to see a sharp rise in the number of attacks on service providers, with the intention to use those service providers’ tools to attack their clients. While this pattern is not new for 2020, the exponential growth in this method of attack, as well as the accountability of the service provider, is something we expect will continue in the next year. Small and Mid-sized businesses (who commonly rely on these service providers) have made it clear over the past year that they expect their providers to adjust their protection based on the threat landscape. They expect their service provider to be able to prevent these types of attacks and the weaponization of their own tools.
The challenge in getting and retaining good security resources is a well-known challenge for organizations, but automation of security actions has been challenging due to a multitude of independent tools and ever-changing threat landscape. As we see more comprehensive security solutions, along with advances in threat intelligence and machine learning, we expect to see a major opportunity for increased automation in security event investigation, response, and management in the next year. Could this be the year SOAR takes off?
3. Email, the New Ransomware
In 2019, we began to see some surveys and data showing email as the most common entry point for attacks. This is not surprising given the proven ability to monetize email attacks and compromised accounts along with leveraging them as a mechanism to launch other attacks. This method preys on the weakest link in most organizations, the user. In the next year, we expect to see continued awareness in email as an attack entry point, and an executive focus on email as the area companies are looking at to improve security in a similar way we saw executive teams aware of ransomware in the past few years.
4. Gaps in Multifactor
With the proliferation of account compromise as an effective attack vector, many companies have looked at Multi-Factor Authentication (MFA) as the panacea, feeling that it would prevent them from being impacted in the likely situation an account was compromised. For the most part, this confidence in MFA solutions was well placed as most security incidents rooted in account compromise were situations where the organization did not have MFA enabled. This was not due to the infallibility of MFA, but rather to the low adoption of MFA. It was much easier to find a target without MFA than to work around it. More recently, there’s been a large increase in MFA adoption and we are beginning to see more apps and processes available to the hacking community to work around MFA solutions. In the next year, we predict we will see a rise in successful attacks where MFA solutions were present.
5. Shift From Point Tools to Holistic Solutions
Over the past few years, we have seen major breakthroughs in technologies to protect different areas of the attack surface, whether it be email, servers, network devices, etc. This has resulted in better security for organizations, but also in a significant challenge in managing all of these disparate point security solutions. We have begun to see the market respond to this with the growth of Managed Detection and Response offerings. In trying to provide more centralized, efficient and cost-effective security management frameworks for organizations, we expect these solutions to continue to rise in popularity and use in the next year.
We will continue to see that the only seemingly constant thing in security is change. It is required that security experts and services providers closely watch these trends to ensure they have the protections in place to support their own, and their customers’ needs, in the year ahead.
If you like to stay a step ahead of the attackers and get a head start on 2020, checkout how Continuum Fortify will help MSPs keep these predictions from coming true to your organization or customer base.
Related: Learn more about Continuum MDR