Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Top Cyber Threat Predictions for 2019

367 vues

Publié le

This session will discuss the main cyber threats for 2019 by including security public and private sector experts. After an overview of the top cybersecurity industry predictions for the coming year, the panel will discuss effective solutions and roadmaps needed as we head into the 2020s.

Main points covered:

• What are the top cyber threats facing enterprises in 2019?
• What do the major cybersecurity vendors believe will happen in the next few years?
• What is being done to prepare for daily cyber-attacks facing enterprises?
• What projects are leading Chief Information Security Officers (CISOs) and Chief Risk Officers (CROs) implementing now?


Our first presenter for this session is Maria S. Thompson, State Chief Risk and Security Officer for the State of North Carolina. Maria brings to the State over 20 years of experience in Information Technology and cybersecurity. Maria’s personal honors include receiving the 2007 National Security Agency’s prestigious Rowlett Award for individual achievement in Information Assurance. Additionally, she received the 2008 Office of Secretary of Defense Certificate of Excellence for the implementation of an IA strategy for the Information Assurance Workforce. Most recently, Maria was selected as a winner of one of the 2018 Triangle Business Journal Women in Business award and State Scoop’s 50th Award State Cybersecurity Leader

The second presenter is Dan Lohrmann is an internationally recognized cybersecurity leader, technologist and author. Starting his career at NSA, Lohrmann has served global organizations in the public and private sectors in many leadership capacities. As a top Michigan Government technology executive for seventeen years, Dan was national CSO of the Year, Public Official of the Year and a Computerworld Premier 100 IT Leader. He is currently CSO & Chief Strategist at Security Mentor, where he advises global and local corporations and governments on cybersecurity and technology infrastructure strategies and security culture change. He has been a keynote speaker at security conferences from South Africa to Europe and Washington D.C. to Moscow.

Recorded Webinar: https://youtu.be/IHAAXQ30zBk

Publié dans : Formation
  • Have you ever heard of taking paid surveys on the internet before? We have one right now that pays $50, and takes less than 10 minutes! If you want to take it, here is your personal link ➤➤ https://tinyurl.com/make2793amonth
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici
  • I went from getting $3 surveys to $500 surveys every day!! learn more... ♣♣♣ https://tinyurl.com/realmoneystreams2019
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici
  • Soyez le premier à aimer ceci

Top Cyber Threat Predictions for 2019

  1. 1. Use by permission 1
  2. 2. Use by permission CYBERTHREAT RECAP 2
  3. 3. Use by permission CYBER THREATS 2018 - 3 • Trend Micro: The ransomware business model will still be a cybercrime mainstay • Symantec: Blockchain Will Find Uses Outside Of Cryptocurrencies • Kaspersky: Fraud as a service. Speed increases danger • Everyone: More DDoS attacks via IoT • Everyone: Lack of trust – More ‘Fake News’ • Multiple vendors: Election security issues • McAfee Labs predicts an adversarial machine learning “arms race” between attackers and defenders • GDPR – GDPR – GDPR http://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-top-18- security-predictions-for-2018.html http://www.govtech.com/blogs/lohrmann-on-cybersecurity/2018-the-year-privacy-took-center- stage.html
  4. 4. Use by permission THE TOP 19 SECURITY PREDICTIONS FOR 2019 4 http://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-top-19-security-predictions-for-2019.html
  5. 5. Use by permission TOP CYBER THREATS 2019 5 Almost Everyone Agrees… • More big data breaches coming • Bad actors are still in the lead – by a substantial margin • IoT is bringing (not so smart) security needs to ‘smart everything’ • Explosion of data collection – much wider surface • More infrastructure vulnerabilities will cause outages • Very few Cyber 9/11 or Cyber Pearl Harbor ‘dire’ predictions
  6. 6. Use by permission TOP CYBER THREATS 2019 6 Some Disagreements… • Will Artificial Intelligence (AI) really help this year in cyber? (Forcepoint v IBM) • Biggest threats cloud v mobile v critical infrastructure • Sectors to be hardest hit (Is it hospitals’ turn?) • “Sophos predicted fewer, better adversaries. “We expect we’ll eventually be left with fewer, but smarter and stronger, adversaries.” While others predict the rise (or return) of more small guy hackers and more hacktivists rising out of obscurity. (I’m with the second group.)” • What do we even name predictions, trends, forecasts, threats?
  7. 7. Use by permission PREDICTION DETAILS PLEASE 7 Trend Micro: • Actual Mass Real-World Use of Breached Credentials Will Be Seen • Sextortion Cases Will Rise • Home Networks in Work-From-Home Scenarios Will Open Enterprises to BYOD-like Security Risks • Innocent Victims Will Get Caught in the Crossfire As Countries Grow Their Cyber Presence • 99% of Exploit-Based Attacks Will Still Not Be Based on 0-Day Vulnerabilities • Cybercriminals Will Compete for Dominance in an Emerging IoT ‘Worm War’ • My favorite from Trend Micro: Cybercriminals Will Use More Techniques to Blend In – “In response to security vendor technologies, specifically the renewed interest in machine learning for cybersecurity, cybercriminals will use more malicious tactics to “blend in.” New ways of using normal computing objects for purposes other than their intended use or design — a practice known as “living off the land” — will continue to be discovered, documented, and shared. We have been observing a few of these.”
  8. 8. Use by permission PREDICTION DETAILS PLEASE 8 FireEye: • (More) Nations developing offensive capabilities • Breaches continuing due to lack of attribution and accountability • The widening skills gap, and fewer trained experts to fill security roles • Lack of resources, especially for small and medium-sized enterprises • Supply chain as a weakness • Attackers eyeing the cloud, since that’s where the data is headed • Social engineering, considered by many to be the most dangerous threat • Cyberespionage, cybercrime and other threats to the aviation industry
  9. 9. Use by permission PREDICTION DETAILS PLEASE 9 McAfee Labs: • Cybercriminal Underground to Consolidate, Create More Partnerships to Boost Threats • Artificial Intelligence the Future of Evasion Techniques • Synergistic Threats Will Multiply, Requiring Combined Responses • Misinformation, Extortion Attempts to Challenge Organizations’ Brands • Data Exfiltration Attacks to Target the Cloud • Voice-Controlled Digital Assistants the Next Vector in Attacking IoT Devices • Cybercriminals to Increase Attacks on Identity Platforms and Edge Devices Under Siege
  10. 10. Use by permission PREDICTION DETAILS PLEASE 10 WatchGuard: • AI-Driven Chatbots Go Rogue • Utilities and Industrial Control Systems Targeted with Ransomware (heard this from others) • A Nation-State Launches a “Fire Sale” Attack • Fileless, Self-Propagating “Vaporworms” Attack • Attackers Hold the Internet Hostage
  11. 11. Use by permission PREDICTION DETAILS PLEASE 11 ForcePoint: • The winter of AI — There is no real AI in cybersecurity, nor any likelihood for it to develop in 2019. • Industrial IoT disruption at scale — Attackers will disrupt Industrial Internet of Things (IIoT) devices using vulnerabilities in cloud infrastructure and hardware • A counterfeit reflection — Hackers will game end-user face recognition software, and organizations will respond with behavior-based systems. • Courtroom face-off — 2019 will see a court case in which, after a data breach, an employee claims innocence and an employer claims deliberate action. • A collision course to cyber cold war — Isolationist trade policies will incentivize nation states and corporate entities to steal trade secrets and use cybertactics to disrupt government, critical infrastructure, and vital industries • Driven to the edge — Consumer concern about breaches will cause companies to embrace edge computing in order to enhance privacy. Designers will face significant headwinds with adoption due to low user trust. • Cybersecurity cultures that do not adapt will fail — Industrywide security trust ratings will emerge as organizations seek assurances that partners and supply chains are trusted partners.
  12. 12. Use by permission PREDICTION DETAILS PLEASE 12 Dan Lohrmann Prediction Awards: Most Creative — Beyond Trust – “Millennials Ruin Everything” — (Based on a privacy prediction on the evolving prediction of privacy and how young people don’t care and share.) Newest & Specific — “Bring your own security (to work) takes off” — (MalwareBytes) Most Scary (yet practical) — Cybercriminals Will Compete for Dominance in an Emerging IoT ‘Worm War’ (TREND MICRO) Most Common and Likely — More large-scale security breaches — (almost everyone) Most Disagreement Among Security Companies — The Role and Value of AI in 2019 (Many predictions highlight how AI value is way overblown). Best Overall Advice in Predictions — Well-known Vulnerabilities Will Continue to Dominate Cyber Attack Reports (Beyond Trust and others)
  13. 13. Use by permission HOLD FOR NORTH CAROLINA 13
  14. 14. Use by permission HOLD FOR NEBRASKA 14
  15. 15. ISO/IEC 27032 Training Courses • ISO/IEC 27032 Introduction 1 Day Course • ISO/IEC 27032 Foundation 2 Days Course • ISO/IEC 27032 Lead Cybersecurity Manager 5 Days Course Exam and certification fees are included in the training price. www.pecb.com/en/education-and-certification-for-individuals/iso-iec-27032 www.pecb.com/events
  16. 16. THANK YOU ? dlohrmann@securitymentor.com maria.s.thompson@nc.gov chris.hobbs@nebraska.gov