1、20 Predictions for 2020 Preparing for the Future of Digital Risk 20 Predictions for 20202 If the past decade has taught us anything, its that change is a constant. Fueled by technological innovation and digital transformation, our world is evolving and changing more quickly than everand that include

2、s unprecedented digital risk. What changes can you expect in 2020? Weve outlined RSAs top 20 predictions for the security and risk industry with a focus on the elements of digital risk that will shape the future of your business. Read on for the challenges and threats most likely to affect organizat

3、ions, governments and individuals over the next year and beyond. 20 Predictions for 20203 The rise of the cyber-savvy board Accountability for cyber risk will move up the org chart, with forward- thinking businesses appointing board members with experience in risk management and information security

4、. Over time, investors will further elevate the need for clear digital risk management strategies, and such board expertise will become the new normal. What risk factors will threaten your success in 2020? Assess your digital risk exposure with the RSA Digital Risk Index. #1 Business PredictionsInfo

5、Sec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20204 Authentication demands adapt to evolving needs Despite a growing list of options, there is still no one-size-fits-all solution for identity and access management. Better buyer su

6、pport and more decision-making guides will help businesses looking to strike a balance between security and user experience. #2 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20205 A focus on data sovereignt

7、y in the Middle East As Turkish, Middle Eastern and North African businesses rush to the cloud, countries will demand that data centers be established within their borders. Major technology providers will feel the pressure, and invest more heavily in the region. #3 Business PredictionsInfoSec Predic

8、tionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20206 Brexit brings new risk assessments With the UKs exit from the E.U. looming, businesses must reevaluate their risk assessmentincluding identifying and mitigating Brexit- associated cyber th

9、reats. #4 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20207 Security shifts left Increasing demand for cloud-native apps will force security teams to work more closely with DevOps. Moving pentesting and c

10、ode analysis up in the development lifecycle will boost product security. But security teams will need to communicate with developers in a language they understandfor example, referencing delays and unplanned work instead of talking about vulnerabilities. 3.5 MILLION cybersecurity jobs will go unfil

11、led around the world by 2021.2 #5 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20208 Technology helps close the skills gap Even with the best tools, processes and budget, a lack of talent makes it hard to

12、manage cyber riskand more than half of companies surveyed report a “problematic shortage” of cybersecurity skills.1 Businesses will look to reduce dependency on talent via security orchestration and automation software, risk- based prioritization, and comprehensive threat analytics. RSA partners wit

13、h local governments and universities across the Asia-Pacific region to train the next generation of cybersecurity talent.3 #6 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 20209 A.I.s black box opens a crac

14、k Artificial intelligence (AI) will evolve to a point where recommendations based on its analysis can be more readily understoodeven by those without technical skills. $30.9 BILLION will be spent on AI-based cybersecurity systems and services by 2025.4 #7 Business PredictionsInfoSec PredictionsTechn

15、ology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202010 Legacy systems under the microscope Many businesses operate on a fragile network of legacy systems, stitched together with API connections. The stage is set for a security incident that disrupts th

16、is patchwork, triggering major outages and serving as a wake-up call to evaluate legacy system security. #8 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202011 Cybersecurity and democracy collide Have gove

17、rnments learned anything from 2016? This election cycle will prove pivotal in shaping the future of election security. #9 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202012 Hacking attacks rise in the cry

18、ptosphere The security of cryptocurrencies rests on safeguarding users private keys. Cybercriminals tend to follow the money, so expect cryptocurrency to be at the top of attackers wish lists in 2020. #10 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer Predicti

19、onsRegulatory Predictions 20 Predictions for 202013 An attack at the edge puts businesses on notice The continued proliferation of IoT devices is making edge computing an essential component of IT infrastructure. But threat visibility becomes more critical as the number of endpoints in the network m

20、ultiplies. A major security incident could see enterprises rushing to invest in monitored and controlled device gateways. #11 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 53% of those engaged in digital transformation say cy

21、ber-attack risk is their PRIMARY RISK MANAGEMENT CONCERN.5 20 Predictions for 202014 Criminals focus on taking over accounts Savvy cybercriminals are shifting their focus from stealing credentials to infiltrating password recovery mechanisms, with a goal of harvesting and resetting user credentials

22、en masse. User identities will be reestablished with new usernames and passwords as fast as you can say “cybercriminal.” #12 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202015 A target on the infrastructu

23、re backbone Too much of global infrastructure, including fundamentals like water and power, relies on aging technology vulnerable to exploitation. Expect to see nations bolster industrial control system (ICS) monitoring and defenses, in hopes of fending off increasingly commonplaceand devastatingatt

24、acks. #13 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202016 A new angle for ransomware The popular attack vector wont just hold your data hostageit will stop you from connecting to critical infrastructur

25、e. How much would you pay for access to your systems and accounts? #14 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202017 Cybersecurity gets physical With global events such as the Summer Olympics and Dub

26、ai World Expo delivering experiences through a blend of infrastructure and connected systems, cybersecurity will move beyond data to encompass more and more of our physical well-beingor “cyber safety.” In the first six months of 2019, RSA detected 63% MORE GLOBAL FRAUD ATTACKS than it did over the s

27、ame period in 2018.6 #15 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202018 Companies pass the BYOD hot potato Bring Your Own Data (BYOD) programs bring tremendous assetsand new cybersecurity liabilities.

28、 More and more businesses will use BYOD policies such as user-owned decentralized storage to limit liabilityand leave it to employees. Meanwhile, organizations that dont directly monetize data will make data security consumers problem. #16 Business PredictionsInfoSec PredictionsTechnology Prediction

29、sCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202019 IoT attacks shake consumer confidence Motivated more by vast disruption than a big payout, malicious actors will attack the unsecured IoT endpoint of a popular connected device. Consumers will question their secur

30、ity assumptionsraising important questions about weaknesses in, and governance of, virtual assistants. #17 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202020 Spoofing goes mainstream A popular mobile app

31、will offer consumers on-demand animated spoofingand trigger widespread discussion of deepfakes, media integrity, and how to regulate and police false content. #18 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions f

32、or 202021 Breach accountability gets even murkier A high-profile organizational breach will be traced to an API integration. So, who pays the GDPR fine? The resulting controversy will spark debate about regulatory accountability in a growing third- party ecosystem. DATA PRIVACY is a top risk managem

33、ent concern for North American organizations with more than 5,000 employees.7 #19 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions 20 Predictions for 202022 The Feds punt on privacy Despite many states ratifying data privacy law

34、s in 2019, the U.S. federal government wont reach agreement on 2020 privacy legislationleaving states to regulate the issue. #20 Business PredictionsInfoSec PredictionsTechnology PredictionsCyber PredictionsConsumer PredictionsRegulatory Predictions The future is full of business opportunitymuch of

35、it increasingly subject to digital risk. As cyber attacks, the mobile workforce, regulatory issues and data privacy elevate the level of threats, companies must keep pace with risk and security strategies that combine awareness, collaboration, investment and innovation. Learn how RSA can help you ma

36、nage digital risk in 2020 and beyond. 1. Jon Oltsik, “The Cybersecurity Skills Shortage Is Getting Worse,” Enterprise Strategy Group, January 2019. 2. Steve Morgan, “Cybersecurity Talent Crunch To Create 3.5 Million Unfilled Jobs Globally By 2021,” Cybercrime, October 2019. 3. Edward Lim, “Taking th

37、e Lead: Addressing the Cyber Skills Gap in Asia-Pacific,” , July 2019. 4. “Global Artificial Intelligence (AI) in Cyber Security Market,” Zion Market Research, August 2019. 5. RSA Digital Risk Report, September 2019. 6. RSA Quarterly Fraud Report, Q2 2019. 7. RSA Digital Risk Report, September 2019.

38、 2019 Dell Inc. or its subsidiaries. All Rights Reserved. RSA and the RSA logo are trademarks of Dell Inc. or its subsidiaries in the United States and other countries. All other trademarks are the property of their respective owners. RSA believes the information in this document is accurate. The information is subject to change without notice. Published in the USA, 12/19 eBook H18060 W310234