Caute_cautim
Community Champion

How about an ISC2 Community Predictions for 2020?

Hi All

 

How about some debate about security and privacy predictions of our own for 2020? 

 

1)  Pushing things off the ramp, I believe IoT, IIoT, and OT - putting them in the same domain, although there are some subtle differences within OT.   This area will become a major concern in 2020, especially after the study on RSA digital certificates state within these IoT devices:  https://www.computing.co.uk/ctg/news/3084715/iot-encryption-weak?utm_source=Adestra&utm_medium=email...

 

2)  Is it not time for passwords to be phased out and for us to go FIDO instead?  https://fidoalliance.org/

 

Any thoughts on how to establish and achieve this in 2020?

 

3)  Ransomware is increasing, as shown with many education establishments in the USA lately being held to extortion attempts - so relate to IoT and they, the cyber-criminals, are likely to literally make a killing in terms of increased revenues to themselves.

 

4)  The ramifications of the CCPA and SB-327 will be known in 2020 and the likelihood of the USA adopting GDPR-like legislation?

 

5)  Any others that come to mind?

 

Regards

 

Caute_cautim

 

38 Replies
DHerrmann
Contributor II

2 predictions for 2020:

 

1.  CCPA will drive everybody (consumers/retailers/corporations/etc) nuts.    Confusion will reign.

2.  The 2020 US election will be hacked.   Paper ballots will save us from chaos.    Or it'll be a Florida chad examination fiasco all over again.

rslade
Influencer II

> DHerrmann (Newcomer III) posted a new reply in Industry News on 01-02-2020 03:37

> @Caute-cautim - I recently used the term "radio" to describe WiFi.     The
> people I was talking with had no idea that WiFi was radio!

I weep for our generation ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Woe to you who long for the day of the Lord! Why do you long for
the day of the Lord? That day will be darkness, not light. It
will be as though a man fled from a lion only to meet a bear, as
though he entered his house and rested his hand on the wall only
to have a snake bite him. Will not the day of the Lord be
darkness, not light -- pitch dark, without a ray of brightness?
- Amos 5:18-20
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

I think I can check off one or two predictions already ...


Chigo58
Newcomer I

Here are some risks summarised from the below article.
1. Insider threats
2. Phishing scams
3. Exposed DBs
4. Fatigued IT admins
5. Wrong C-Level priorities

In my humble opinion, #5 is the biggest issue.

https://www.helpnetsecurity.com/2020/01/06/cyber-risks-2020/
AndreaMoore
Community Manager

In keeping this blog post top-of-mind, adding this recent article for "food for thought." https://securityboulevard.com/2020/01/10-cybersecurity-trends-in-2020-you-need-to-keep-an-eye-on/

 

Would love to get this thread updated with more insights/feedback and compile into a blog post authored by all of you before end of January, if possible.

 

Any other predictions for 2020?

 

Thanks! 

 

 




ISC2 Community Manager
CISOScott
Community Champion

How about the vicious circle of buying cyber insurance to help with cyber attacks and then being attacked by ransomware creators because they know the cyber insurance will almost always advise to pay the ransom. Who then sell the fact that they got paid by you to other ransomware creators so that you become a perpetual target?

rslade
Influencer II

> AndreaMoore (Community Manager) posted a new reply in Industry News on

>   Any other predictions for 2020?

Trebor the Magnificent peers into the mists of the future. The clouds (you should
pardon the expression) part. Trebor sees many, many, many industry
publications. Trebor sees many, many, many articles "predicting" various past
attacks based on opinion surveys (aka "pooling of ignorance").

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
The only thing necessary for the triumph of evil is for good men
to do nothing. - Edmund Burke
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

AppDefects
Community Champion


@AndreaMoore wrote:

 

Any other predictions for 2020?

 


@AndreaMoore here are my top 5 predictions for 2020:

 

  1. Ransomware will persist.
  2. 5G will accelerate data theft.
  3. Mobile and IoT devices will disrupt online payment systems.
  4. Nation-state actors will continue to help spread disinformation through online ads propagated by Silicon Valley giants.
  5. Cloud brokers will be held responsible for allowing nation-state actors and other cyber-factions the opportunity to weaponize.

Did anyone write the blog post? I'm willing...

AndreaMoore
Community Manager

@AppDefects No one yet. Awesome. Thanks for writing/compiling it! 




ISC2 Community Manager
Caute_cautim
Community Champion

Hi All

 

Apologies - went into RFP mode after New Year and the mad rush to get responses out to clients - yes, those entities, who don't believe in festive holidays, but pay the wages, so to speak.

 

  @AppDefects Can we work privately as a group on this compilation, collectively - then put our best foot forward?  I will collate what we have put down and I have a few more thoughts as well.  But as you say, let's get the pedal to the ground and get it written and moving forward.  Don't want to swamp and bore everyone else, but everyone's opinion and suggestions all help to craft a better blog in the end.

 

But please feel free to set this in motion - just in case something else catches me unaware in the next couple of days. 

 

Regards

 

Caute_cautim