Internet of things (IoT) networks and devices are likely to be the focus of one of the serious cyber threats over 2020, according to a pre-new year warning form the Information Security Forum (ISF).
The membership organisation has linked it with cloud and third parties as one of three significant threats that will face organisations over the year.
It said there will be a security concern around the complex interconnection of digitally connected devices and superfast networks, related to the use of cloud systems and sophisticated supply chains.
IoT devices are usually part of wider implementations with other devices operating as an intelligent whole, but the interconnectivity presents several security challenges, often in the overlap of consumer and operational/industrial technology.
The risks are intensified by the volume of critical data now being held in the cloud and by third parties, which provides extra targets for cyber criminals and hostile nations aiming to disrupt economies and take down critical infrastructure.
Another serious threat area is in the race for technology dominance, with efforts to steal intellectual property and an increase in protectionist measures. The ISF said that new regulations and international agreements will not be able to fully address the issues powered by advances in technology and their impact on society.
Thirdly, it highlighted the growth in cyber crime, perpetrated by criminals, nation states and people inside organisations. Targeted organisations should expect sustained and well funded attacks involving a range of techniques including zero day exploits, distributed denial of service and advanced persistent threats.
Attack surfaces expanding
Steve Durbin, managing director of the ISF, commented: “In today’s hyperconnected world, attack surfaces and interdependencies grow rapidly.
“As our dependence on technology increases, so does the need for sound risk management, assessment and mitigation increase in line with complexity. By understanding and evaluating how new technology will be rolled out, we can focus on the necessary controls to protect our data.”
He added: “Organisations must be fully aware of the risks the new digital world will bring before jumping headfirst into adopting new technologies. A dependency on digital products and services is unavoidable, however, mitigations and preparations can, and must, be made.
“The coming year will be volatile, but targets will be predictable. Establishing security by design and re-examining cyber resilience will prepare organizations against disruption.
“Digitisation promises much, and development of the next generation of technologies will bring significant benefits to business and society. To survive in the new digital world, organisations will have to adapt. To thrive they must evolve.”
Image from iStock, Henrik Jonsson