According to Nick FitzGerald, senior research fellow at cyber security firm ESET, even businesses that only use digital systems incidentally are at increased risk of cyberattack in an era where digital connectivity is now ubiquitous.
“However, with so many organisations looking to increase their use of technology, and technology’s heightened role in company operations, the risks are now higher than ever,” warns FitzGerald.
“And, these risks will continue to rise as cybercriminals continue to become more sophisticated, so it’s crucial for organisations to take the necessary steps to remain ahead of attackers. That includes being aware of upcoming trends in the cyberthreat landscape.”
ESET has identified four key areas that it says will affect businesses and consumers alike in the decade ahead:
1. Ransomware attacks
Everyday items are getting smarter and more connected as part of the Internet of Things (IoT). Companies are integrating IoT devices into all levels of operations to increase efficiency and significantly save cost. Cities are racing to implement smart solutions but may not be ready to address the subsequent increased security risk. Australian businesses hold the highest rate of ransomware attacks globally, with 76% reporting an attack during 2017.1
2. Machine learning
With machine learning (ML) gaining traction, many cumbersome, repetitive tasks have been automated. From sifting through masses of data to dealing with repetitive chores, the learning mechanism improves the way businesses tackle problems. In 2019, ML gained notoriety because of a more concerning issue, the rise of the deepfake. A deepfake is a portmanteau of deep leaning and fake. It sees one person’s likeness superimposed onto another’s in a video or image, and the difference is imperceptible. This approach makes it easy to damage people’s reputations or make it look like they’ve said or done something when they really haven’t. The technology was also applied to FaceApp, which raised privacy concerns.2 Deepfakes and other ML-driven technologies have the potential to increasingly impact daily lives.
3. Fake news
Fake news is a modern term for propaganda. The barrier to entry into the media market has all but disappeared and anyone can set up a website or blog to push their agenda. This can make it hard for people to distinguish between fake news and real facts, which can manipulate markets and even elections. There is no technological solution available currently that can distinguish between fake news and reality, so the onus is on individuals to examine their news sources and consider their credibility.
Australian organisations are more aware than ever of the importance of protecting sensitive information. Updates to the Privacy Act will make it even more expensive for organisations that fail to protect sensitive data.3 The risk of fines for non-disclosure of data breaches has prompted organisations to proactively improve their data security. Organisations that haven’t yet done so will soon face a real economic and commercial imperative to treat privacy measures as a cornerstone of their business.
“Organisations embarking on a digital transformation journey should never underestimate the value of good cybersecurity practices,” says Fitzgerald.
“Ongoing digitalisation is transforming how society works. People are more aware of their rights and demand better protection of their data. Technologies like ML are evolving rapidly, giving some companies an edge over the competition, and cybercriminals are also ramping up their attempts to breach corporate systems to steal valuable information.
“It’s important for companies to take stock of lessons learned in the past year and keep sight of how emerging technologies, and emerging cyber-risks, will impact their business operations moving forward.”