IT security experts in Europe and Asia were asked: How will cyber attacks develop between now and 2025 and what do we have to do in order to successfully combat them? The answers provide clear indications as to what companies and users will have to deal with and in which areas urgent action needs to be taken.
Danger no. 1:
The number of attacks with regard to the Internet of Things will explode. This is expected by nearly a quarter of those surveyed. It is not just the comparative ease with which devices can be attacked which is seen as a danger.
The Internet of Things is also seen as the trigger for a rise in cyber crime. “The Internet of Things will play an important role in the future. Everything will be interconnected. Due to various standards existing in parallel, there will be huge IT security problems. Ancient attacks will happen again – especially due to the Internet of Things because nobody is providing for IT security (and most of the devices are not even able to offer an adequate level of IT security protection).” (Commentary of an expert in its original wording)
Danger no. 2:
Malware of the next generation will be even more dangerous. According to the experts, malware in all its forms will be developed even further.
“Customers accept integrated backdoors in standard software (e.g. Windows 10). These security gaps can be insufficiently secured by the software provider and therefore be exploited by hackers. Autonomously acting computer programs are going to attack systems with previously unknown precision, range and speed.” (Expert commentary)
Danger no. 3:
The user as starting point for attacks, especially for social engineering attacks. “Users will remain the weakest link in the entire system.” (Expert commentary)
Users are considered today, as well as in the future, the starting point for targeted and mass attacks. Particularly dangerous are social engineering attacks. Attackers spy on their victim’s personal environment or assume fake identities. Several cases involving losses in the amount of tens of millions of euros became known already.
What should companies do in order to be fit for the future?
Experts have provided clear answers to that question, recommending strategic courses of action to ensure higher levels of security in corporate IT.
Raise awareness at all levels of the corporate hierarchy and train your IT security responsibles on an ongoing basis.
Humans are at the heart of proper resource allocation that is recommended by the experts for the future. Nearly fifty per cent of the experts point to a lack of awareness in respect of IT security at all levels of the hierarchy.
“The lack of professionals is certainly one of the most crucial problems at the moment, but the biggest problem of all is the ignorance displayed at the CxO level, and that IT security is only seen as a cost factor until something really bad happens. This is today’s situation, it may slightly change between now and 2025.” (Expert commentary)
The new technologies strengthen the need to focus urgently on awareness of IT security.
“The cloud is responsible for most of the security problems due to the need to cut costs in companies. Individuals and companies still do not pay much attention to IT security. In 2025, even more important data will be available online, more systems will be connected and can be manipulated with terrible consequences.” (Expert commentary)
Pay more attention to the automated analysis of security-relevant data in real time
Investing in the advancement of IT security technologies has to come immediately after investing in human resources. Experts see a need to invest above all in the automated analysis of security-relevant data in real time. Similarly, the merging of IT hidden in products and the related IT security is a topic that has been addressed on a number of occasions. That means that IT security needs to be considered already during product development.
“(What needs to be created is…) an improved overall approach to the issue of IT security: predicting attacks and implementing security mechanisms in the applications themselves, not just on the security level above.” (Expert commentary)
Get involved in the promotion and design of It security research and harness your advantages
Research on the use of artificial intelligence and automated attack detection methods are the most important approaches for IT security technology of the future. Groundbreaking developments should be expected by 2025. Similarly, new authentication procedures will make up key security mechanisms in the future.
Whether cyber attackers or IT security officers win the global race will depend above all on the respective progress in technology. “IT security systems could communicate with each other better and tune each other (self-defence of the systems). It is doubtful whether this will be possible within the scope of artificial intelligence by 2025.” (expert commentary)
