Small business cyber security took many interesting turns in 2019. From the rise of novel forms of attack to an increased reliance on sophisticated technology, it is clear that security is a rapidly changing field.
In 2019 it was predicted that things like cloud technology and growth of the IoT (Internet of Things) would have a significant impact on the way small businesses thought about and undertook cyber security. That proved to be correct – and these trends will mostly continue into 2020.
However, it is also clear that cyber security is entering new terrain.
5 Trends for Small Business Cyber Security in 2020
1. Passwords are on Their Way Out
In 2020, security will begin shifting from the use of strong (or weak) passwords to the use of multiple authentication factors and biometrics. These are tied to a user’s identity and cannot be easily stolen or reproduced.
Passwords have been a staple since the earliest days of the internet. Just a few years ago, it was estimated that there would be some 3.4 billion passwords in use on devices and accounts by 2020. Developing strong passwords has long been seen as the first line of defense against cybercriminals.
However, that is rapidly changing. The most robust passwords – jumbles of letters, numbers, and symbols – have proven too hard for the majority of the population to adopt. Security experts from numerous firms point out that people also opt to reuse one or two passwords, which might seem to be strong. Each additional reuse grants another opportunity for a hacker to steal it, thus potentially compromising a string of user accounts.
According to the creator of HaveIBeenPwned, an increasing number of data breaches and data leaks are a direct result of weak passwords and password reuse.
In 2020, that is going to change as cyber security strives to adopt credentialing methods that hackers cannot steal.
2. Threats to the Internet of Things (IoT)
The world is anxiously awaiting for the commercial rollout of 5G. Around half of the US may have access to it by the end of next year. 5G is the prerequisite for the rise of a practical Internet of Things – and hackers are eagerly anticipating it, too.
The Internet of Things is different from the internet in that devices do not connect to a central router but rather directly to themselves. As a result, it will become much easier for small business cyber security strategies to overlook this internet-connected device in the office.
However, that will prove dangerous. These devices will have access to the same network upon which the company computers will operate. The Internet of Things within an office can very quickly become a soft underbelly around a company’s defenses – a threat that, according to Symantec, is already on the rise.
3. Supply Chain Attacks Are on the Rise
A supply chain attack happens when a hacker infiltrates your system through an outside partner or provider with access to your systems and data. That might involve malware embedded in real software, or data that becomes compromised as a result of a cyber attack on a business partner. In the past few years, there have been more suppliers and service providers touching sensitive data than ever before. A good example is the 2014 Target data breach which was caused by a third party vendor.
According to Cisco, supply chain attacks are one of the biggest threats to small businesses. SMBs are not just attractive to hackers because they may lack robust security defenses. It is also because they may not necessarily know who has access to their sensitive information. As a result, hackers are choosing to target vendors of SMBs in an attempt to get at precious data – and it’s working.
4. The Risks of Shadow IT Will Come to Light
Shadow IT is the installation or creation of IT infrastructure by employees without the knowledge or permission of the IT department. Shadow IT examples include consumer applications in the cloud such as file sharing apps, social media, and collaboration tools such as Office 365.
However, while the IT department is not responsible for the physical infrastructure or even managing of the application, they are still responsible for ensuring security and compliance for the corporate data employees upload to the cloud. This puts the IT department in the uncomfortable position of saying no to employees using cloud applications. Although most of these tools help employees do their jobs, they also provide a convenient backdoor for cyberattacks because they usually lack security.
Cyber security watchdog Analytics Insight estimates that at least 33 % of all cyberattacks in 2020 will leverage shadow IT in a company. Organizations need to act now to discover, secure, and curtail this severe blind spot before it is too late.
5. Cloud Security Takes a Tumble
The cloud has enjoyed the long-standing perception of security. But in 2020, that might begin to slip.
Forrester notes that as the public cloud becomes mainstream in company options, companies are looking for a way to enjoy privacy and security. Hybrid cloud solutions – the use of public and private clouds – were briefly touted as the ideal solution to balancing these needs. However, it is rapidly becoming evident that hybrid solutions are susceptible to many of the same security issues plaguing regular servers. In 2019’s breach of Capital One’s AWS service highlights this. A misconfigured firewall allowed a former employee to access applications that had access to the finance giant’s cloud – and 100 million consumer records.
Protect Your Small Business in 2020 with RJ Young
Small business cyber security has become more imperative than ever. Despite the adoption of sophisticated strategies like the use of managed IT service providers, cybercriminals remain undeterred. That is why it is necessary to stay ahead of the curve by anticipating trends. The best defense is not just a good offense, but rather being proactive and staying prepared.
RJ Young helps companies in Huntsville, Nashville, Chattanooga, Birmingham and throughout the southeast secure their office environments and enjoy operational efficiency. Contact RJ Young now.