Here are DigiCert’s predictions for cybersecurity in 2020, including those around digital transformation and IoT.
Three things are almost certain this time of year. First, you’ll be tempted by all flavors of festive treats. Second, you’ll wish holiday greetings to family, friends, customers, teammates and partners so often that you may go hoarse because of it! Third, you will contemplate what the New Year will bring, and you’ll even make some predictions about what the future holds.
For our experts at DigiCert, it’s check, check and check. It’s an interesting time in the world of cybersecurity, and following is what our experts had on their minds as they took a peek through their crystal balls at the not-so-distant future.
- Certificate Automation: with shorter validity periods on the horizon for TLS certificates, organizations will need to start embracing automation in order to make certificate management easier.
- Consumers will have to heighten their security awareness as threat actors take advantage of free Domain Validated TLS certificates to show the padlock on their websites. It’s no longer sufficient to “look for the lock,” one must look “beyond the lock.”
- IoT Security: hackers will continue to find vulnerabilities in consumer devices since security is not top of mind when these devices are developed. While there have been some improvements, we hope for more.
- This year, we have seen the adoption of the CCPA (California Consumer Privacy Act) and the failed NYPA (NY Privacy Act). There is an impetus for a national privacy act, similar to GDPR, but the likelihood of that happening in the current administration is low. Nonetheless, consumers are very concerned about recent privacy breaches. States are filling the holes by adopting their own acts but this will make compliance very difficult for companies due to the patchwork nature of adoption.
Tim Hollebeek, Industry and Standards Technical Strategist at DigiCert
- NIST will have standardized a post-quantum computing algorithm by 2022-2024, kicking off a global effort to deploy it. Companies that have inventoried their cryptographic systems and emphasized cryptographic agility will have a relatively easy time deploying it; others, not so much.
- A quantum computer will solve an economically important problem next year. This will kick off a new era of investment in accelerating quantum computing development based on the demonstration of practical benefits. The adoption of post-quantum cryptography will need to keep up.
Mike Nelson, Vice President of IoT Security at DigiCert
- We will see more public exploits on IoT devices that will cause regulators to strengthen their position on IoT security. More global governments will introduce IoT security regulation.
- We will see industries come together in an effort to create standards for securing IoT devices in their industry. These efforts will be an attempt to avoid regulation.
- Many of the small private certificate authorities supporting global IoT deployments will run into scalability issues as they realize the challenge of a global scale. This will cause manufacturers to turn to the large public certificate authorities in an attempt to solve the scalability challenge. The public certificate authorities will respond by creating or acquiring more robust IoT, or private trust, solutions to meet the growing demand for IoT security.
Time will only tell which trends emerge in 2020, but here’s hoping security can keep up, so they’re as satisfying as those holiday treats you undoubtedly have laying around the house. No doubt 2020 will be an exciting year. Here’s to wishing you a safe, prosperous and Happy New Year!