Thinkers360 2020 Predictions are member-sourced predictions from our opt-in B2B thought leader and influencer community with 15M+ followers on social media combined. The 2020 Predictions for Cybersecurity are part of a series intended to provide actionable insights for business and technology executives.
Having recently published our Top 50 Global Thought Leaders and Influencers on Cybersecurity, we asked a selection of our Thinkers360 global influencers about their predictions for Cybersecurity in 2020. Here’s what they told us…
What are your predictions for Cybersecurity in 2020?
As the sheer volume of cyberattacks outpace the capacity of humans to respond, machine learning and AI will be essential to identify, isolate, and respond to the most sophisticated threats. Beyond the machine-to-machine arms race, however, human creativity, inventiveness, and collaboration will remain paramount — both to program the machines and to match wits with the cybercriminals.
Smart leaders will close the skills gap by cultivating talent from a much wider base. That means diversity in race, gender, culture, etc., but also from unlikely parts of the organization, like the business side. That expanded perspective supports a unified culture that’s security savvy from the board and CEO down — and willing to make the security investments essential to growth and competitiveness.
– Kevin Delaney, Thought Leadership, Writer/editor/podcast producer at CISCO
The use of passwords and tokens in medium-risk use cases will drop significantly, due to the introduction of recognition technologies.
More organizations will add Cybersecurity experts to their board and create governance programs.
Cybersecurity concerns will make it more challenging for those early stage startups to get their foot in the door with enterprises.
– Helen Yu, Founder & CEO, Tigon Advisory Corp
We will see a much stronger collaborative risk management approach to cybersecurity among CISOs in the public and private sectors because of growing and more sophisticated threats. This collaboration will include enhanced sharing of threat information and of cybersecurity tools related to machine learning, automation and orchestration capabilities.
– Chuck Brooks, Principal Market Growth Analyst for Cybersecurity and Emerging Tech at General Dynamics Mission Systems
Cyber will become increasingly important for implementation of emerging technologies, starting with AI and blockchain and also demonstrating the need to think about cyber in future applications around 5G and even quantum computing. As these technologies increase in import for government and industry, any vulnerabilities that could be exploited will have significant impacts that lead to real and perceived challenges to adoption. Government and industry leaders should build cyber into their innovation roadmaps, rather than treating them as separate domains.
– Dan Chenok, Executive Director, Center for The Business of Government, IBM Global Business Services
Data privacy needs to be embedded deep into an organization’s culture; protection of personal data needs to be a core priority. 2020 will be the year of Privacy by Design; Privacy by Default, where companies take data privacy much more seriously, and a growing trend of implementing data security and privacy programs. The newly released ISO 27701 will help with establishing a Privacy Information Management System (PIMS), and the soon to be released NIST Privacy Framework will allow organisations to have much more structure in designing and implementing data privacy programs for their organizations.
Two industries where I expect to see a significant focus into data protection are in Financial Technology companies (FinTech), and in the HealthCare industry. Companies in these industries will need to navigate carefully, as the growing amount of data collected puts them at an even greater risk than before. My advice to organisations is to make sure they don’t forget the basics. Always remember to focus on the Human Element of cybersecurity, as a bulk of the cybersecurity attacks originate from some form of human error (e.g. phishing, weak passwords etc.) A healthy secure culture should always be a combination of People, Process and Technology.
– Adj. Professor Jason Lau, Chief Information Security Officer at Crypto.com and Regional Lead for the International Association of Privacy Professionals (IAPP)
Venture capitalists will accelerate feature development via mergers and acquisitions. In recent years, VCs have funded point solution vendors for technologies like SOAR and UEBA. These are features, not stand-alone technologies, and it’s often cheaper for market leaders to buy rather than build new features. CISOs should be aware of this market reality, as buying early-stage cybersecurity from a startup carries the risk of unintentionally having a business relationship with a much larger vendor within two years, and consequently needing to either buy the larger technology solution or rip and replace after the acquisition closes.
– Kayne McGladrey, Director of Security and IT, Pensar
2020 Year of Enlightenment for Cybersecurity – It will become evident to the public that the worst impacts are not data breaches, but rather the trust in critical systems that underpin the activities of daily life. Outages against government services, public utility systems, financial services, retail and manufacturing industries, healthcare, communications, social and news media, and systems of democracy will be more severe and impactful to people. The attackers will be a mix of cybercriminals seeking financial gain, nation-states projecting policy, and radical groups pushing their agenda. Failures will be scattered across the globe. The scope and severity of attacks we will see in 2020 will drive the realization that we have reached a point where our everyday lives, now heavily reliant on the digital world, are tremendously vulnerable to cyber-attacks that can impact every person in so many new ways. Trust in technology will begin to be questioned by the public.
– Matthew Rosenquist, Cybersecurity Strategist and Industry Advisor
The lack of consistent cyber security training and education will become more of a problem and we will see bigger GDPR fines and consequences as a result. We will see more cyber security threats within the workplace due to the continued proliferation of Shadow IT. Unfortunately there are many existing threats which are still not being managed or patched and thus will continue to be a problem. The lack of security within IoT will come in to focus – the industry need to be discussing SoT – the Security of Things.
– Rob May, Managing Director, ramsac
First of all Ransomware attacks will move the next level. While we have seen a lot of “watering can” type of attacks addressing the weaknesses of badly patched systems in the past, I would expect these attacks to become less relevant. We now see an increasing maturity in the patching discipline and preparation for these attacks. On the other hand we have to expect cyber-criminals launching more targeted ransomware attacks against businesses depending on maximum availability – mainly critical infrastructure, healthcare or IIoT environments.
Secondly the nation state cyber-crime and -espionage will move to the next level reflecting the worldwide struggles around us. This can materialize in manipulating elections, cyber-espionage to steal latest technologies, espionage on relevant politicians but also massive cyber-attacks to paralyze an opponent by attacking critical structures or industries. Hard to defend but something growing because it is a new and powerful weapon for future political and economic conflicts.
– Kai Grunwitz, Country Managing Director – Germany at NTT Ltd.
As we look towards the next decade, the industry must pivot towards a clearer execution focus: Security cannot be seen any more JUST as a matter of risk appetite or as a box-checking exercise; equally, constant firefighting is no longer sufficient as the “when not if” paradigm takes root in the boardroom and senior executives demand real results, often in exchange of very significant investments.
Security must become a delivery imperative, and where existing maturity levels are low, the CISO must become a true transformational leader. (Editor’s Note: See also the author’s whitepaper “Cybersecurity A Look Across Two Decades: A Quantitative Analysis of the Language of Security 2002-2019”)
– Jean-Christophe Gaillard, Founder & Managing Director, Corix Partners
Join us on Thinkers360!
Thinkers360 is an opt-in network of the world’s foremost thought leaders — including academics, analysts, authors, consultants, influencers and speakers — with over 15M followers on social media combined. We are differentiated by our unique patent-pending algorithms that measure thought leadership and authentic influence looking far beyond social media alone.
Individuals: Connect and work with global brands as an author, influencer, speaker and more. Showcase your thought leadership profile and portfolio, build your media kit, and participate in our global leaderboards and opportunity marketplace: Sign-Up (free) | Newsletter
Enterprise (including brands & agencies): For brand, influencer, content marketing and speaker bureau services, working with our network of premier opt-in influencers with 15M+ followers on social media: Request an Enterprise Consultation | Explainer Video
Want to discover and work with authors, influencers and speakers (including access to our unique thought leader reports and analytics, personal introductions, and our zero-transaction fee speaker bureau)? Contact us at info@www.thinkers360.com
For custom influencer lists, advertising and leaderboard sponsorship opportunities, please contact info@www.thinkers360.com.