Deepfakes and the rise of 5G deployment are among the biggest threats to security next year, cybersecurity firm Forcepoint said in its predictions for 2020.
The accelerating public cloud adoption will see more breaches, both from external and internal parties, as cloud applications become more ubiquitous.
According to the Austin, Texas-based firm, these threats will also require enterprises to monitor access, configurations and analyse risky user behaviours as the burden of protecting business-critical data lies on the enterprise while deploying public cloud, it said.
Deepfake technology, which is the process of swapping a person's image or video with another one using artificial intelligence, is becoming more real-like. Criminals can use deepfakes to impersonate high-level targets at enterprises to scam employees and transfer money into fraudulent accounts, Forcepoint said.
The cybersecurity firm has found that ransomware authors are using deepfake technology to threaten victims with realistic videos of them in compromising situations. In politics, the technology is used to discredit candidates and influence voters through inaccurate political messages on social media platforms.
With 5G deployments expected to ramp up next year, the high data transfer speeds can lead to data thefts at an increased rate, Forcepoint said.
"The more reliable connectivity and lower latency of 5G will also work in favour of determined employees wishing to transfer swathes of corporate data. The cybersecurity stack needs to have visibility and control of such data movement or else organisations risk being unable to identify data theft," the company said in the media release.
Even as enterprises move to a cloud-first strategy in their digital transformation journey, they wrongly believe that cloud providers will also secure the infrastructure, Forcepoint said in the statement. However, the company sees a ray of hope as enterprises move from indicators of compromise (IoC) to indicators of behaviour (IoB) model, which it believes will better protect their data in the modern network environments.
Also, with the increasing data protection and privacy regulations across the world, businesses will mature in their approach to the legislations, Forcepoint said, adding that maintaining customer data privacy and protection can be a differentiator of the business’s service.
“By shifting from the outside-in approach to inside-out approach and keeping users and data at the centre of their cybersecurity design thinking, it will help organizations mitigate threats in near-real-time in today’s sophisticated threat landscape,” said Surendra Singh, senior director and country manager, India and SAARC, Forcepoint.
An outside-in approach looks at how external attackers are seeking to penetrate a perimeter while an inside-out approach is understanding the risks that lie within the company.
Emerging technology has given rise to concerns over data security. A recent report from networking cybersecurity firm Juniper Networks had said that IT service providers (SP) in the Asia Pacific region are increasingly worried over security as the adoption of distributed cloud, internet of things (IoT) and 5G accelerates.
Other research has shown that enterprises vastly overrate cloud security. In fact, about 72 % of Indian enterprises have misplaced confidence in cloud providers’ security, Palo Alto Networks had recently said in its report.
Apart from 5G and cloud, other technologies like AI, blockchain and robotic process automation or RPA have made businesses more complex. This, in turn, is leading to more complex risks.