As we enter the new year, we can look back on 2019 and recap lessons learned and overall trends. While you can’t predict what will happen going forward you can gain insights from the cybersecurity challenges and guidance that was available this past year.  The theme these items have in common is growth. Growth in regulations now and coming, technology utilization growth and the associated security ramifications, and of course the growing number of cyber breaches and incidents. In addition, smaller businesses were the focus of the US CISA guide on how leaders can elevate their cyber readiness. Read all the details below. This recap is intended to help organizations review their plans and security coverage and help them prepare for a successful year ahead.

 

Cybersecurity Regulations Keep Increasing

 

Privacy and unauthorized access to personally identifiable information have not gone unnoticed.  Lawmakers’ interest in providing better protection was one of the many drivers for the California Consumer Privacy Act (CCPA) which is effective January 1st.

Many other states amended or expanded existing breach and notification laws. Illinois (SB 1624) is one example. This amendment to the Personal Information Protection Act, requires businesses to notify the Attorney General of breaches involving at least 500 Illinois residents. The Attorney General will also be permitted to publish information concerning breaches.

Some industries are experiencing increased data privacy and security scrutiny. To date, the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law has been adopted in 8 states AL, CT, DE, MI, MS, NH, OH, and SC. A voluntary move for these states, but there is legislative pressure to require all states to enforce this model.

 

Rapid Technology Growth

 

Many industries are in a period of transformation as they leverage technology to evolve their business. For example, technological innovation is sweeping across the manufacturing industry. Cybersecurity has to become a top priority. Manufacturers are using cutting-edge digital technology to a greater degree than ever before. From sensors in equipment, digitizing supply chains, and gathering data from customers to enhance their experience. The increasing number of electronic connections makes business even more vulnerable to cyberattacks. The aftermath is business disruption or exfiltration of intellectual property.

Even across small businesses, technology is enabling them to achieve goals formerly only available to those who could afford enterprise-level solutions.  Shared platforms and software-as-a-service are enabling unified communications across multiple channels. Customer engagement is now almost seamless, and tracks preferred digital communications.  Next-best-actions or decisions with machine learning are reducing time and resources as well as providing critical data-driven intelligence to enable broad market changes.

However, these same technologies are also used by cybercriminal rings. They profit from the creation of black market exchanges that enable cybercrime-as-a-service.  Opening the door to malicious activities supporting entities that don’t even need cyber skills of their own. All they need to do is press a button, get an invoice, and chose a target.

The most important aspect looking forward is ensuring security and incident response that can scale and provide 24/7 coverage in order to detect growing threats and give direction for immediate countermeasures. Security service providers that offer the latest security technologies with SLA’s for the care and management of protecting a business is one way that smaller organizations are able to keep pace. Growth in technology utilization should also include an assessment of the compliance, and potential security upgrades needed to protect business investments.

 

2019 Recap and Cyber Readiness

 

2019 also saw a growing number of breaches and the year where ransomware hit epidemic levels. The problem is not going away and to help organizations counter this consistent business problem the U.S. Cybersecurity and Infrastructure Security Agency (CISA) created a cyber-security essentials guide for building a culture of cyber readiness.  A good collection of security basics focused on growing awareness and building good security choices for business leaders.

• Building a culture of Cyber Readiness Guide

While 2019 is now behind us, the lessons and insights from last year’s cybersecurity growth spurt are not going away. If you would like to see how you can improve your coverage and the value of your security spending TECH LOCK provides cost-effective consulting and managed security services. See how your 2020 business can achieve more with integrated compliance assessments and orchestrated security incident management. Our expert team can help you protect your 2020 and provide you with peace-of-mind, set up a meeting today to see how.