At Webroot, we stay ahead
of cybersecurity trends in order to keep our customers up-to-date and secure. As the end of the year approaches, our team of experts has gathered their top cybersecurity predictions for 2019. What threats and changes should you brace for?
General Data Protection Regulation Penalties
“A large US-based tech company will get hammered by the new GDPR fines.” – Megan Shields, Webroot Associate General Counsel
When the General Data Protection Regulation (GDPR) became law in the EU last May, many businesses scrambled to implement the required privacy protections. In anticipation of this challenge for businesses, it seemed as though the Data Protection Authorities (the governing organizations overseeing GDPR compliance) were giving them time to adjust to the new regulations. However, it appears that time has passed. European Data Protection Supervisor Giovanni Buttarelli spoke with Reuters
in October and said the time for issuing penalizations is near. With GDPR privacy protection responsibilities now incumbent upon large tech companies with millions—if not billions—of users, as well as small to medium-sized businesses, noncompliance could mean huge penalties.
GDPR fines will depend
on the specifics of each infringement, but companies could face damages of up to 4% of their worldwide annual turnover, or up to 20 million Euros, whichever is greater. For example, if the GDPR had been in place during the 2013 Yahoo breach affecting 3 billion users, Yahoo could have faced anywhere from $80 million to $160 million in fines
. It’s also important to note that Buttarelli specifically mentions the potential for bans on processing personal data, at Data Protection Authorities’ discretion, which would effectively suspend a company’s data flows inside the EU.
“Further adoption of AI leading to automation of professions involving low social intelligence and creativity. It will also give birth to more advanced social engineering attacks.” – Paul Barnes, Webroot Sr. Director of Product Strategy
The Fouth Industrial Revolution is here and the markets are beginning to feel it. Machine learning algorithms and applied artificial intelligence programs are already infiltrating and disrupting top industries. Several of the largest financial institutions
in the world have integrated artificial intelligence into aspects of their businesses. Often these programs use natural language processing—giving them the ability to handle customer-facing roles more easily—to boost productivity.
From a risk perspective, new voice manipulation techniques and face mapping technologies
, in conjunction with other AI disciplines, will usher in a new dawn of social engineering that could be used in advanced spear-phishing attacks to influence political campaigns or even policy makers directly.
AI Will Be Crucial to the Survival of Small Businesses
AI and machine learning will continue to be the best way to respond to velocity and volume of malware attacks aimed at SMBs and MSP partners – George Anderson, Product Marketing Director
Our threat researchers don’t anticipate a decline in threat volume for small businesses in the coming year. Precise attacks, like those targeting RDP tools, have been on the rise
and show no signs of tapering. Beyond that, the sheer volume of data handled by businesses of all types of small businesses raises the probability and likely severity
of a breach.
If small and medium-sized businesses want to keep their IT teams from being inundated and overrun with alerts, false positives, and remediation requests, they’ll be forced to work AI and machine learning into their security solutions. Only machine learning can automate security intelligence accurately and effectively enough to enable categorization and proactive threat detection in near real time. By taking advantage of cloud computing platforms like Amazon Web Services, machine learning has the capability to scale with the increasing volume and complexity modern attacks, while remaining within reach in terms of price.
For more 2019 predictions, visit the Webroot blog.