GUEST ESSAY: Top cybersecurity developments that can be expected to fully play out in 2019

From a certain perspective, 2018 hasn’t been as dramatic a cybersecurity year as 2017, in that we haven’t seen as many global pandemics like WannaCry.

Related: WannaCry signals worse things to come.

Still, Ransomware, zero-day exploits, and phishing attacks, were among the biggest threats facing IT security teams this year. 2018 has not been a dull year as far as breaches. The cycle of exploit to discovery to weaponization has become shorter, and unfortunately, it has become more difficult to protect the enterprise network and the various devices connected to it.

In 2017, roughly 63% of organizations experienced an attempted ransomware attack, with 22% reporting these incidents occurred on a weekly basis. We expect to wind up with close statistics for 2018.

Here are a few trends I expect will dominate cyber security in 2019.

Security and Privacy Merge

Despite the fact that everyone is still trying to understand the new privacy landscape and perhaps because they haven’t fully grasped the new realities, everyone is paying attention. Perhaps it is our ever increasing focus on privacy in general and GDPR specifically.

Perhaps it is because more organizations will be working long hours to embrace the compliance measures that are needed to protect privacy that we won’t see a major lawsuit against a company. All we know is that we have seen an increase in companies seeking NAC solutions to keep up with all the new compliance regulations and it is very satisfying to hear that sigh of relief, when a company has implemented their solution.

AI + ML = forensics and investigations

Artificial Intelligence (AI) and Machine Learning (ML) are going to be implemented into the arena of practical usage in cyber security – mainly for forensics and identification of culprits in cyber events. Investigating security events is costly both in terms of time and the expertise required.


We believe that AI and ML are well positioned to help in these investigations for obvious reasons, relating to computing power and specialized programming of what to look for and the ability to learn. AI and ML enable the clustering and analysis of monumental volumes of data that would otherwise be impossible to do within a reasonable amount of time even if you had the best trained minds in the business working on the investigation.

Ransomware – more targeted attacks are expected against wealthy and famous individuals.

Social networks offer a world of insights and information on almost anyone who has an account. Unfortunately, it provides a lot of details that assist cyber offenders in the monetization of attacks (due to bitcoin) and the ease of performing spear phishing attacks – all will be combined for a more targeted approach.

IoT security issues will increase

IoT will be deployed in more business usages and scenarios. The risk will rise and eventually this will cause more issues with a few headlines of devices that were used to hack networks.

The conversation – Whose job it is to protect organizations in the public and private sector?

Nationwide attacks on large businesses will bring up the discussion of who should protect a country and a business from cyber security attacks. Should the state and country be active in the defense of the private sector? In the same respect, you wouldn’t expect a bank branch to deploy anti-missile defense systems against the possibility of an offending country.

At Portnox, we will continue to innovate our network security and risk control tools to provide solutions to all, empowering our customers with valuable, holistic solutions to protect their networks.

About the essayist: Ofer Amitai is CEO of Portnox, which supplies network access control, visibility, management and policy compliance systems designed to help today’s complex networks run smoothly and securely.

(Editor’s note: This article also appeared on Portnox Point)

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: