The digital security sector has been, since its birth, a constant race between defenders and system attackers, looking for the best ways to start and stop raids.
So it has been so far, and it does not seem that 2020 will be different. In fact, some specialists in the sector are already beginning to point out the new paths through which that career could run during the year we are about to release. Three trends stand out especially:
1) The decline of passwords
These are bad times for passwords as a security measure: either due to ignorance or negligence, users continue to use manifestly insecure passwords, insisting on keeping the same passwords for a long time or applying them to different services.
According to Watchguard, over the next year we will see how multifactor authentication gradually becomes the standard security measure for large and medium-sized companies, thanks to the fact that mobile phones have eliminated the expensive requirement of hardware tokens.
But, while multifactor authentication becomes the business standard, those companies in need of extra security levels will begin to adopt biometrics as an authentication system.
2) New attack vectors
The fashion of allowing employees to use their own devices to perform tasks in the workplace - what is usually called BYOD (Bring Your Own Device,) - has been proven to offer appreciable improvements in productivity, saving up to an unproductive hour by working day. In addition, the growth of this habit goes hand in hand with the teleworking boom.
Since employees who work with their own devices outside the company's headquarters lose much of the perimeter security they have when they are inside the company. Watchguard.com predicts that by 2020, a quarter of all data breaches will be linked to BYOD cases.
Also the various collaborative cloud work platforms (such as Google Drive or Slack) will be increasingly popular as attack vectors. In them, users tend to trust others immediately, a fact that attackers will take advantage of in their favor, whether for attacks based on social engineering or malware dissemination.
3) Deepfakes as a cyberattack method
One of the technologies that could contribute to nullifying your security are deepfakes.
These increasingly realistic and AI-based fakes will be the big threat to biometrics-based security systems.
According to Optiv Security, there has been much talk about the potential of deepfakes to manipulate electoral processes, but not enough attention is being paid to their potential to make money, either through phishing, or by selective dissemination of false news.