Predictions

Internet of Things devices are now an accepted part of our home and business lives. They've led to increased focus on edge computing too thanks to the large volumes of data they generate, but what do industry experts think is going to happen in this sector in 2020?

Karl Sigler, threat intelligence manager at Trustwave SpiderLabs thinks the dev-security lifecycle will become the Achilles heel for IoT devices. "IoT devices are not getting any safer. With the huge influx of IoT devices in homes and organizations, the attack surface targeted by criminals is just getting larger and more diverse. Manufacturers and developers need to take the security reins. But today's IoT solutions are often missing security quality assurance during their product development lifecycle. High bandwidth, direct connections to the internet via 5G will increase the threat of Mirai-like botnets. These direct connections will also provide attackers the ability to bypass perimeter protections that are normally in place in homes and organizations. All manufacturers should add security vetting to their product development lifecycle, especially with the cloud and 5G in mind, to get IoT device security in check before the number of vulnerable devices in the market becomes overwhelming."

With the California Consumer Privacy Act (CCPA) set to come into force in January, privacy and how companies use data is set to be one of the big themes of 2020. What do some of the industry’s leading figures think this will mean?

Peter Reinhardt, CEO and co-founder of Segment believes, "Though the GDPR roll-out should have given American companies a good taste of what was to come, it's still likely that most will do the bare minimum to comply with the CCPA until the US government starts enforcing it in 2020.

Not too long ago, information security was a human scale issue. Because the number of assets to compromise was contained, and because there were only a few attack vectors in the adversarial arsenal, enterprises were able to train security analysts to identify and mitigate threats and vulnerabilities.

Managed endpoints, internal applications, routers, switches, DNS servers and domain controllers compromised the majority of an enterprise’s network presence. In today’s world, mobile devices, cloud applications, IoT, and third party connections to vendors have dramatically grown the enterprise digital footprint. Additionally, adversaries were not nearly as sophisticated as they are today, leveraging only a small fraction of modern day attack vectors. Today’s threat actors have a much larger arsenal of attack vectors to use, including newly discovered vulnerabilities, misconfigured cloud services, and more services and applications exposed to the internet.

Multi-cloud environments have been a hot topic for the last year. Already, businesses have been realizing the benefits of a vendor-agnostic approach, which not only minimizes costs but gives them the freedom to innovate. However, there are a couple of aspects of operations which will be key in ensuring multi-cloud remains viable for enterprises in the long-term.

Despite the freedom which comes with a vendor neutral ecosystem, orchestrators haven’t yet overcome the headache associated with migrating workloads between these different cloud infrastructures. The past year saw major cloud players like IBM making acquisitions to address this, but as yet, they haven’t found a successful solution. Over the next year, this will be a priority for enterprises looking to remove the bottlenecks in their CI/CD pipeline. Organizations will invest in services which can help them harness a multi-cloud ecosystem, by supporting fast deployment, scalability, integration and operational tasks across public and private clouds.

Artificial intelligence is making its way into more and more areas of our lives. But what can we expect to see happen in this area in 2020? Some industry experts share their views on the latest AI trends.

Synthetic data specialist ARM Insight believes, "There will be a huge investment return gap between those using basic analytics or simplistic machine learning on data from those that are using true artificial intelligence. Machine learning simply won’t cut it any more. Artificial intelligence will be the only path to maximum data value."

It's the time of year again where the great and good of the tech sector like to consult the tea leaves, gaze into the crystal ball, read the runes -- and of course draw on their industry knowledge -- to give their predictions for the year ahead.

So, what do they think is in store for cybersecurity in 2020?

It's hard to believe that artificial intelligence is in its earliest stages. But for however many Alexas and self-driving cars we have now, experts say we have only scratched the surface of what AI can achieve.

In 2020, we'll see even more new applications of it -- here's what to expect.

Predicting everything that will happen in 2020 is an impossible task, however, the foundation has been laid for two security events to occur. First, all signs point towards the enactment of a federal data privacy law. The fact that the California Consumer Privacy Act (CCPA) is slated to be enacted on January 1, 2020; shows that the US is starting to take a more steadfast approach to consumer privacy. However, if every state were to enact their own laws, then organizations that operate within the US would have to navigate through 50 different mandates. One unified, federal regulation would make it far more seamless for businesses to continue operations, all while remaining compliant.

Second, it is likely that we will see foreign meddling occur in the 2020 US presidential election. This occurred in 2016, and there have already been reports of foreign entities attempting to interfere with US government agencies. In fact, the state of Ohio recently thwarted an attack from a Russian-backed organization on its voting systems. Let’s dive more into these predictions below.

I’ve already written one prediction about autonomous cars -- that they’ll be far later to the market than most pundits and autonomous car inventors are suggesting. Today’s prediction is about a tangentially-related technology -- aerial delivery drones. These drones are definitely coming just as fast as regulators will allow them, but I don’t think they’ll be implemented in the way people expect. What we’ll see, I predict, is something I call Pizza-to-the-Neighborhood or PTTN.

Aerial drones are a new type of distribution network operating in a new kind of ether. They don’t travel on roads and neither do they travel in what we conventionally think of as airspace. Flying over cities, which is where these delivery drones are going to be used, airplanes are legally restricted from operating below 1000 feet unless they are actively taking-off or landing. Helicopters get to break this rule a bit because they can claim to be taking-off or landing almost anywhere, but fixed-wing aircraft have to stay above 1000 feet, making below 1000 feet the emerging realm of autonomous drones.

Prediction #2 -- And then there were only 3.5 VPC Cloud players. Cloud computing will continue to grow in 2019 with the key term being not Public Cloud, Private Cloud or Hybrid Cloud -- which are all so 2018 -- but Virtual Private Cloud (VPC). Virtual Private Cloud is an Amazon Web Services (AWS) invention but all the AWS competitors seem to be embracing the idea.

What has developed is that the VPC solution based on Open Source using Linux will change the Internet-as-a-Service (IaaS) Cloudscape to VPC-only during 2019.