As a place for exchange, reflection, innovation and business, the FIC makes it possible to capture some of the cyberspace trends in terms of threats, technologies, governance and strategies. Some already are strong signals that have already been confirmed. Others, on the other hand, are still emerging and may be in the news over the next few months.
Here is a quick overview of the trends that were spotted at the FIC 2020 during the numerous round tables, conferences, demonstrations, publications and in the alleys of the Forum:
- Explosion of massive cybercrime, with email remaining the preferred vector. Phishing (approximately 15% of global email traffic) has brought the breaches of trust to the ‘age of multitude’ by allowing attackers to collect personal data, but also to spread malware to penetrate the networks and computers of targets.
- Amplification of ransomware attacks, that have doubled in 2019. The trend is strong and concerns individuals, companies and local authorities. While operations are better prepared and more focused –allowing attackers to maximize their ROI – there is little technological innovation in the operating mode.
- Growing threats to the Internet’s core infrastructure. Critical services and protocols (such as the DNS, BGP, or directory services) have been subject to highly sophisticated attacks, which have a lower probability of occurrence but a potentially systemic impact. This risk aggravated by the low genetic diversity of certain equipment and systems.
- Multiplication of rebound attacks targeting subcontractors. Attackers are shifting their efforts to the weaker links, such as subcontractors or IT administration and maintenance providers, for example. This then allows them to hit more targets through a single point of entry.
- Progression of the vulnerability surface. IoT, cloud computing and soon 5G, which is going to revolutionise nomadic uses, are new theatres of operation for attackers, especially since they are often deployed in companies behind the CIOs’ back.
- Refocusing security on the user. Zero trust approach, behavioural analysis technologies (UEBA), user awareness, UX improvement, data security etc.: whether trusted or not, the user must be at the centre of any security policy.
- SOAR technologies on the rise. Due to the increase of the vulnerability surface and the multiplicity of security equipment and technologies, the exponential growth of security events requires the use of increasingly automated detection, orchestration and response capabilities based on artificial intelligence.
- Gradual evolution of SOCs towards ‘Fusion Centres’. The SOC must now be able to integrate all security domains and exploit multiple technical and ‘business-related’ data, both internal and external, in one single datalake.
- Priority to human capital. Even if AI-based solutions are being developed, human skills remain key to cybersecurity. Yet many positions are still to be filled today. It is therefore essential to strengthen the attractiveness of the sector and its many professions (architects, pen-testers, developers, system administrators, analysts, etc.).
- Digital sovereignty: time to get into practice. As regards both digital sovereignty and strategic autonomy, the ability of states, companies and individuals to control their destiny in the digital age is a key issue that now calls for concrete solutions at the legal, fiscal, industrial and technological levels.
(by Guillaume Tissier, President of CEIS)