insights.jpg

Guest Blog Post: What Did We Learn about Cybersecurity in 2018?

By Maddie Davis

macbook-pro-at-night-picjumbo-com

To make progress in the fight against cyber attacks going forward, we must acknowledge our past. As we move into 2019, we’re looking back at a few of the leading cybersecurity trends from the past year. 

Artificial Intelligence

Artificial intelligence (AI) was a major buzzword in 2018, across numerous
industries. While there are many benefits to the growing technology, there are
also plenty of potential risks. In regards to cybersecurity, the issue of AI lies in
the way it is managed. Without paying proper attention to the risks associated
with heavily relying on automated technologies, experts warn the risks can be truly dangerous.

Typically, AI and machine learning are utilized to help automate threat
detection and response to relieve some of the burden from employees, and
potentially help identify threats more efficiently. While these results can provide
great benefit to security teams, they are not as cut and dry as some may
believe. In order to please customer markets that have bought into the AI hype,
more and more firms are rushing to implement machine-learning-powered
products. This is dangerous because as companies rush to get their products
to market, training information that hasn’t been thoroughly scrubbed of
anomalous data points can lead to algorithms missing attacks and creating a
false sense of security. Another possible threat to full automation is the risk of
hackers accessing a security firm’s system and corrupting data by switching
labels so that some malware are recognized by the AI as clean code.

AI will surely have a role in security moving forward. To best utilize the
technology and prevent the possibility of an attack, we must continue to stress
the importance of security companies and customers to strictly monitor their
programming and act accordingly to minimize risks associated with algorithmic
models. Make no mistake, human assistance is still very much needed.

Insider Threat

According to the 2018 Insider Threat Report by Cybersecurity Insiders, two-
thirds of organizations (66%) consider malicious insider attacks or accidental breaches more likely than external attacks. With the threat of attacks no longer
originating strictly from malicious outsiders and malware, organizations today need to be hyper-aware of internal hacks, both intentional and unintentional.


Due of the typically large number of users and devices with access to sensitive
data organizations maintain, 90 percent of networks are vulnerable to inside
threats. Because of this, many organizations are working to shift their security
focus to insider detection and prevention; however, without taking a step back to develop a cross-functional process that goes beyond installing a technology solution and calling it a day, these companies are still largely at risk. Best efforts in
countering insider threat requires creating a culture of insider threat awareness and responsibility with a properly trained workforce acting as human sensors to recognize and report anomalous activity.

Continuous Evaluation

One way to mitigate the risk of attacks from inside the workforce is to keep security records up-to-date and as thorough as possible. Although organizational policies may require employees to self-report run-ins with the law, financial difficulties, and other life events, it's difficult to enforce. This can be better accomplished using an approach called continuous evaluation currently being implemented by the Department of Defense, where internal systems routinely check court proceedings, bank and credit bureau records, and other open-source data to look for signs that members of the existing workforce may pose a risk. Should the system find a potential red flag on an individual, it will notify the appropriate HR or Security member, who will review the finding and decide what action to take on it. 

The future is full of innovation, and that includes advanced security methods. In
the fight against cyber attacks, 2019 is sure to be a year of improvement. While
there is still a long ways to go, recognizing these threats and the measures
being taken to combat them, demonstrate the fact that we’re heading into the
new year on the right path.

Author Bio: Maddie Davis is co-founder of Enlightened Digital and a tech-
obsessed female from the Big Apple. She lives by building and redesigning websites, running marathons and reading anything and everything on the NYT Best Sellers list.