In 2019, some of the largest breaches in history occurred. Marriott’s hotel group was one of the first with a breach that affected 383 million people. Millions more were affected in breaches of Capital One, Facebook, Instagram, MoviePass, and so many others. Emails, passwords, credit cards, passport numbers, bank account numbers, birth dates, and SSNs are among the information that may have been stolen in these breaches.
IBM estimates that the typical data breach costs a company almost $4 million when it comes to investigation, fines, lawsuits, and restitution. Equifax had to pay $700 million after its breach. Facebook settled on a $5 billion fine with the FTC. To avoid exposing your company to this risk, cybersecurity needs to be one first plan of action in 2020. If you’ve been putting it off, it’s time to take action. Here are some of the most concerning predictions regarding cybersecurity in 2020.
Attackers Look for “Patch Gaps”
Many breaches take place when an update takes place, but there’s a vulnerability. Patches go out, but it’s up to users to install them promptly. If the patch has a problem, it causes additional delays. These “patch gaps” take place in the space between a viable patch being developed and sent to users to install.
Your system administration team has to be on top of updates and patches. While Equifax’s breach took place due to one of these patch gaps, you can’t let that happen. Make sure you have a strong system administration team in place and that plans for upgrades are shared so that your workers aren’t accessing a system before the upgrade is complete.
Additionally, when companies leave outdated hardware “online” and stop supporting it through patches and security updates, it leaves additional vulnerabilities which could allow hackers an easy way in to your data and network.
Internet of Things (IoT) Devices Will Be Targets
IoT devices are the items that are able to transmit data from one location to another using the internet. This includes things like video security cameras, wireless sensors, smart speakers, and other smart technology. There are also the wireless systems that allow sellers to accept credit and debit cards in their stores or while they’re at trade shows, festivals, or farmers’ markets.
Hackers can access these items and use the information they collect to threaten or extort. They can hack them to steal private information. There’s already been one big breach announced with Wyze security cameras, this is predicted to be a growing trend. Disconnecting these items from the internet or making sure they’re behind strong firewalls and protective measures is important.
Deepfakes Are Expected to Make Fraud Easier to Pull Off
While some companies, such as Facebook, are working to ban deepfakes, they’re still being used to commit misdeeds. It’s expected that deepfakes will become a handy path for ransomware. By sending a realistic video putting that recipient in a compromising situation, it’s believed that political figures and other well-known people will pay the ransom rather than have that video publicly released.
Being an election year, it’s believed that deepfakes may target those running for office. Even if the video isn’t that candidate, proving it’s not could be hard with the quality of the video. Public images and videos are out there and software makes it easy to fake a video. This is going to be something business others and public figures need to carefully monitor and have a plan of attack if it happens to them. The public is also going to have to be skeptical about the videos they see on social media and news as some could be deepfakes.
The Shift to 5G
Many areas will see 4G networks shifting to the faster 5G networks. This is going to drastically increase the speed at which data theft can be committed. It’s going to be challenging staying one step ahead. Every business needs to have a systems administration team in place to monitor for updates, understand how to react if there is a breach, and work hard to prevent breaches.
Additionally, many devices will become outdated and obsolete as they are replaced with 5G devices. These not only include mobile devices like cell phones and smart phones, but include things like wireless access points, 4G tablets, and specialty equipment.
Be Ready to Prove You’re Compliant and Taking Security Seriously
Customers are going to be less trusting. If you’re storing information like medical records, credit card or bank account information, you are going to need to prove that you are doing everything required by laws and regulations to protect that information. Customers may demand proof.
When you’re recycling electronics, you cannot trust the first company you find. You need to do your homework and verify that the e-waste recycling company destroys data, shreds, and recycles as is legally required. The best way to do this is by asking to see the e-recycler’s certifications. Look specifically for AAA NAID, e-Stewards, and R2 certifications. ISO and OSHAS certifications are also certifications to consider.
ERI makes sure that the e-waste recycling process is transparent. You’ll have documentation tracking each step of the recycling process. All e-waste is processed in the U.S. Nothing is shipped overseas. We hold all of the aforementioned certifications, so you can trust in us to properly recycle your printers, phones, copiers, computers, and other electronics with the highest level of security. We take responsible recycling seriously. Give us a call to learn more.