Hyperconnectivity driven by the rise of the digital-everything economy and the internet of things (IoT) will soon disrupt the cybersecurity landscape in a way that hasn’t been seen in the past—and organizations should act now to be prepared. That’s the assessment from The Information Security Forum (ISF)’s Threat Horizon 2019 report, which frames this year’s trends as setting the stage for much worse scenarios down the road. The rest of 2017, the report noted, will see the rise of more and more connected things, increasing sophistication in crime syndicates, an over-dependence on critical infrastructure and weaponized systemic vulnerabilities, all against a backdrop of crumbling legacy technology and global consolidation. All of that will mean that the impact of data breaches increases dramatically. “How an organization responds to today’s increasing cybersecurity threats will vary based on a number of factors, including its unique blend of people and skills, products and services offered and approach to risk management,” said Steve Durbin, managing director of the ISF. “However, an organization that is well-informed about emerging technologies and corresponding threats will be best placed to make winning decisions. The key differentiating factor will be the degree to which organizations are prepared to meet the challenges of a fully connected society.” That will be critical given the ISF’s expectations for next year. The report predicts that the IoT will continue to leak sensitive information, while opaque algorithms compromise integrity. Also, rogue governments will start to use terrorist groups to launch cyber-attacks, as criminal capabilities expand gaps in international policing. And, researchers will be silenced to hide security vulnerabilities while the cyber-insurance safety net is pulled away. Regulations will fragment the cloud. By 2019, organizations will be faced with a hyper-connected world where the pace and scale of change—particularly in terms of technology—will have accelerated substantially. ISF said that we’ll see premeditated internet outages bringing trade to its knees; ransomware hijacking the IoT; privileged insiders coerced into giving up the crown jewels; automated misinformation and falsified information that compromises performance; subverted blockchains that shatter trust; surveillance laws exposing corporate secrets; privacy regulations impeding the monitoring of insider threats; and a headlong rush to deploy artificial intelligence that will lead to unexpected outcomes. Navigating this calls for a strong collaborative culture with the right people congregating at the right time to play their part in ensuring success, the report postulates. In all, the document highlights nine major threats, broken down into three challenging themes that organizations can expect to face over the next two years as a result of increasing developments in technology: 1. Disruption: From an over reliance on fragile connectivity requiring a seismic shift in the way business continuity is planned, practiced and implemented. 2. Distortion: As trust in the integrity of information is lost, the monitoring of access and changes to sensitive information will become critical as will the development of complex incident management procedures. 3. Deterioration: When controls are eroded by regulations and technology bringing a heightened focus on risk assessment and management in the light of regulatory changes and the increased prevalence of artificial intelligence in everyday technology. “Traditional business models will certainly be disrupted over the next two years, forcing business leaders to develop cutting-edge trading models while dealing with new regulation, advanced technology and distorted information,” said Durbin. “With established controls rendered ineffective by the latest security threats, new and innovative ways must be found to protect an organization’s most critical information assets.” Some of the recommendations include changing up existing business continuity plans to engage with internal and external stakeholders to agree alternative methods of communication (e.g. telex, satellite, microwave); and lobbying for minimum security standards for IoT devices via regulation. Having a clear sense of who has access to which critical assets and how to manage that will be crucial; as will monitoring access and changes made to sensitive information, using tools such as a Federated Identity and Access Management (FIAM) systems and Content Management Systems (CMS). The ISF also recommends building collaboration across the organization, and conducting a risk assessment to understand the impact of metadata being lost by a communications provider. Businesses should also hire AI specialists now. “Moving forward, organizations must prepare themselves for unprecedented levels of collaboration,” said Durbin. “Legal, compliance, audit, HR, IT, information security and other stakeholders must congregate to assess risks and inform the decision-making process. This collaboration should be extended to partners, manufacturers, vendors and regulators to ensure information security requirements are met.”
Carriers’ 5G plans are Rooted in SDN/NFV, Says Ixia Survey
A new survey sponsored by Ixia reinforces the impression that telecommunications companies around the world...
Other content in this Stream
BT hooks up with Google Cloud Platform
BT launched a new service that allows organizations fast and secure access to the Google Cloud platform. With the proliferation of cloud-based services, carriers need to ensure they have...
CSPs Prove Eager to Embrace Edge Computing
Almost 70% of service providers in this month's Thought Leadership Council (TLC) survey say they either already have or will move compute and application execution to the edge by 2020.
T-Mobile's Mayo: Edge computing is ‘not as imminent as maybe the hype cycle would suggest’
DALLAS—A top T-Mobile executive said that edge computing could well bloom into a major opportunity, but not anytime soon.
CSPs Still Puzzling Over NFV Business Case
TM Forum Digital Transformation Tracker shows diversity of views on virtualization, but many still can't seem to make it pay.
A Deep Dive Into CenturyLink's Operations Transformation & Roadmap
For CenturyLink, transformation is about enhancing its business in terms of effectiveness, cost efficiency and customer experience. So how is it trying to achieve that?
Industry Voices—Doyle: The promise of open source and the current state of telecom adoption
The adoption of open source software for NFV deployments by CSPs has largely failed to live up to industry expectations. Open source software has been installed in communication service providers'...
CenturyLink Adds Dynamic Cloud Connections
New Layer 2-based service promises cloud connections in minutes to enterprises in fiber-fed buildings globally.
CenturyLink on How Automation & Analytics Are Improving Security
Automation provides operators with the means to respond to threats faster and even preempt an event, but controlling new security software also increases complexity for service providers.
Managed security services a sweet spot for service providers—report
With security concerns continuing unabated, carriers stand to make a tidy profit in delivering managed security solutions to their customers. According to International Data Corporation's updated...
Smaller Telcos Can Connect to Public Clouds Via Tata Communicatio
Tata Communications Transformation Services is helping smaller Tier 2 and Tier 3 telcos connect to public clouds via its Cloud Exchange.
AT&T touts theoretical peaks of 1 Gbps on LTE while talking up mobile 5G
AT&T offered an update on its LTE network upgrade efforts at the same time top executives touted the opportunities that will be created by the carrier’s pending rollout of 5G network technology.
SD-WAN vs. Next-Gen Firewalls: Chicken or the Egg?
At the SD-WAN Summit 2018 in Paris, one of the more contentious debates was which will come first: next-generation firewall or new SD-WAN capabilities?
Leveraging Segmentation to Secure IoT
To adequately protect networks and the IoT, organizations require a broad security architecture that can span networked environments, powerful security tools that can dynamically segment IoT...
AT&T releases white box specifications into Open Compute Project
Ahead of deploying white boxes into thousands of its cell sites over the coming years, AT&T has released its white box specifications into the OCP. While AT&T has been working with several vendors...
Security could make telcos more than a utility in the smart home
With the smart home becoming more of a reality, new research from Open-Xchange suggests the largely ignored security market could be a money-spinner for the telco industry.
X by Orange takes cloud-native approach to serving business customers
Orange Spain subsidiary X by Orange is embracing a cloud-native platform to deliver digital services to its business customers. The service is notable because it eschews traditional network...
Vodafone's Heeran: Defining the Telco Cloud
Vodafone's head of cloud and automation wants to define the telco cloud so that everyone's singing from the same hymn sheet.
Editor's Corner—Open source is not 'one size fits all'
Open source communities are no doubt playing a key role in moving the telecommunications industry forward, but not everyone is on board the bandwagon. Rikard Kjellberg, chief marketing officer of...
Spanning the globe: CenturyLink goes worldwide with its SD-WAN service
Thanks in part to its deal to buy Level 3, CenturyLink has rolled out its SD-WAN service to more than 36 countries across the globe. CenturyLink's SD-WAN service has stretched its legs out of...
Don't Be Afraid to Reboot Your Cloud Architecture