Around this time every year, my inbox fills with the same repetitive junk.
“Would you consider putting [any random company] in your gift guide?”, “are you going to CES and if so can I pitch you [a gadget that literally won’t be around this time next year]?”, and, “do you want to cover [a company you’ve never hard of’s] predictions for next year?”
To which I always respond: “No,” “absolutely not” and “predictions are not news.”
The “predictions” emails piss me off. Most of the companies that offer predictions don’t seem to fully understand the security field outside their particular niche, or worse, have an agenda they’re trying to push. This year was no different. I trawled through my inbox, scanning literally dozens of emails pushing “predictions” for the coming year.
“Artificial intelligence will stop a data breach,” said one email. “The supply chain will face more attacks,” said another. And, my personal favorite, “bad actors will combine multiple attack types to create synergistic super threats.”
Hate to break it to you, but “super threats” are not a thing.
If you thought 2018 was a tough year for tech, 2019 is going to be so much worse. The groundwork we laid this year will roll over into the next, and that’s when things will start to hit hard, from new laws and political (in)decisions to privacy issues and how employees — not companies — will start to call the shots.
Here’s what you need to know for 2019 in security.
Expect more data leaks and exposures — but not just breaches
2018 saw a rising trend in data leaks and exposures — specifically data that’s not protected with even the most basic security, like a password.
We’ve seen a ton of sites and services exposed in the past year — from gym booking sites, anonymous social network Blind, Urban Massage, FedEx, Canadian internet provider Altima, Amazon and fitness app Polar, to name a few.
Exposed databases and user data can be easily found, yet are entirely preventable — often simply by setting a password. Breaches, where a hacker exploits a vulnerability, are more difficult and require some level of skill, making them less common. But human error, a lack of security smarts or just sheer laziness makes exposed data more discoverable, and yet there’s no sign of data exposures dying down any time soon.