Caute_cautim
Community Champion

How about an ISC2 Community Predictions for 2020?

Hi All

 

How about some debate about security and privacy predictions of our own for 2020? 

 

1)  Pushing things off the ramp, I believe IoT, IIoT, and OT - putting them in the same domain, although there are some subtle differences within OT.   This area will become a major concern in 2020, especially after the study on RSA digital certificates state within these IoT devices:  https://www.computing.co.uk/ctg/news/3084715/iot-encryption-weak?utm_source=Adestra&utm_medium=email...

 

2)  Is it not time for passwords to be phased out and for us to go FIDO instead?  https://fidoalliance.org/

 

Any thoughts on how to establish and achieve this in 2020?

 

3)  Ransomware is increasing, as shown with many education establishments in the USA lately being held to extortion attempts - so relate to IoT and the cyber-criminals are likely to literally make a killing in terms of increased revenues to themselves.

 

4)  The ramifications of the CCPA and SB-327 will be known in 2020 and the likelihood of USA adopting a GDPR-like legislation?

 

5)  Any others that come to mind?

 

Regards

 

Caute_cautim

 

38 Replies
dcontesti
Community Champion

Sorry to be late to the discussion, I believe one thing that will plague Security folk in 2020 is the ever-changing and new Privacy laws that are coming at us.  NY has two new privacy laws coming out in March of 2020 and while similar to CCPA and GDPR, there are differences sufficient enough to warrant concern.

 

As a suggestion, this conversation would make a great blog post.  Maybe we could each write a paragraph on one item and then we could combine and ask (ISC)2 to issue.

 

Thoughts?

 

d

 

Caute_cautim
Community Champion

@dcontesti     A marvellous thought indeed, let's compile some paragraphs, and let's have a go at your suggestion?    Anyone want to kick this off to prepare the pathway to 2020?

 

I will produce a paragraph at least by the end of today, everyone feel free to contribute and see what we can come up with.

 

Suggestions:  IoT, IIoT, OT;  Zero Trust Security; Ransomware, Flash;  End of Passwords; Fake News:  AI:  etc etc.

 

Let's compile and see what brilliance we can come up with - the challenge is on.  

 

Regards

 

Caute_cautim



dcontesti
Community Champion

I will write something on Privacy (unless someone else wants this one).

 

My initial thought is to have maybe ten to twelve "predictions" for the blog post but as always open to others' thoughts/suggestions/etc.

 

now to go shopping on Boxing day LOL 

 

d

Caute_cautim
Community Champion

Crazy person - watch out for those Smart devices embedded oh IoTs - I will do a write up on these for starters. Have fun.
AppDefects
Community Champion

Data breaches will get bigger! Duh, no kidding ;) Who will be next? Why do we continue to put up with data breach excuses? What sob story will we hear from CEOs? We are truly sorry... blah, blah, blah. We need laws to change. Mandatory jail time for executives that don't care about security and privacy. Jail time for people using production data in test. Lock them up!

 

In the 2020s we need to rethink identity. 

rslade
Influencer II

Trebor the Magnificent knows all and tells all.

In 2020, a major institution will be hit by ransomware. Media will report that
millions are at risk of having their data stolen EVEN THOUGH RANSOMWARE
DOESN'T DO THAT!!!!

In 2020, a security company will call for the end of passwords because they have
come up with a proprietary authentication scheme. It will be complex, expensive,
and unworkable.

In 2020 many security experts will urge people to move to the cloud, and claim it
is inherently much more secure than using your computer, EVEN THOUGH
CLOUD JUST MEANS SOMEBODY ELSE'S COMPUTER!!!!

In 2020 some idiot in either politics or law enforcement (or both) will call for the
development of encryption which, magically, the good guys can read but the bad
guys can't. They will also call for the banning of all current encryption systems.

In 2020, Facebook will once again abuse users' trust.

In 2020, someone will realize that, if you have a cell phone, somebody knows
where you are at all times.

In 2020, someone will realize that, if you post everything about your life on
publicly accessible social media, people will be able to find out about you.

In 2020, there will be yet another law passed making telemarketing, robocallers,
untraceable calls, and other phone nuisances illegal. It won't change anything.
(And there will also be special dispensation noting that it doesn't apply to
politicians.)

In 2020 there will be a special month devoted to making everyone aware of
cybersecurity. Nobody will notice.

In 2020 you will have a Happy New Year, whether you realize it or not.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
I hate, I despise your religious feasts; I cannot stand your
assemblies. Even though you bring me burnt offerings and grain
offerings, I will not accept them. Though you bring choice
fellowship offerings, I will have no regard for them. Away with
the noise of your songs! I will not listen to the music of your
harps. But let justice roll on like a river, righteousness like
a never-failing stream! - Amos 5:21-24
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Caute_cautim
Community Champion

@rslade The giant has awoken, the Kraken lives on.  I was following a thread the other day on LinkedIn, where someone suddenly realised that Huawei was owned by the People's Republic of China or PRC.  This apparently was so devastating to them in terms of being a realisation of reality.  But later on over the festive period we see that India has fully embraced Huawei, so comes a load of pain for over 95 million people in which rich surveillance will be available in due course. 

 

And your remarks about court cases and legislation - could not be truer according to:  https://www.law360.com/telecom/articles/1224443/cybersecurity-privacy-cases-to-watch-in-2020

 

HNY 2020

 

Caute_cautim

AndreaMoore
Community Manager

@dcontesti @Caute_cautim @rslade @AppDefects @Starat

 

I LOVE this idea of a group authored blog post!!! The theme could be something like 2020 Vision for Cybersecurity...

 

Once you have it written, send it to me at communications@isc2.org as well as a list of the authors and your twitter handles (if you want to be tagged). We'll edit it (and if it is really long make it into multiple blog posts).

 

Thanks so much to all of you! Let's make 2020 the best year yet for the Community!

 

@AndreaMoore 

@Kaity 




ISC2 Community Manager
rslade
Influencer II

> AndreaMoore (Community Manager) mentioned you in a post! Join the conversation

>   I LOVE this idea of a
> group authored blog post!!! The theme could be something like 2020 Vision for
> Cybersecurity...   Once you have it written, send it to me at
> communications@isc2.org as well as a list of the authors and your twitter
> handles (if you want to be tagged).

We already did that. (Well, *I* already did that ...)

> We'll edit it

This implies that somehow what we/I did is not good enough, which is not so ...

>   Let's make 2020
> the best year yet for the Community!

Somebody make sure that Andrea lies down for a little bit ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
The world will little note, nor long remember, what we say here
- Abraham Lincoln, the Gettysburg Address
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

DHerrmann
Contributor II

@Caute-cautim - I recently used the term "radio" to describe WiFi.  

 

The people I was talking with had no idea that WiFi was radio!