It’s 10 p.m. Do you know where your consumer data is?
This is the type of question that keeps many cybersecurity professionals up at night — and for good reason. Damages from cybercrimes are projected to cost over 6 trillion dollars in 2021. As the internet continues to evolve, so do the ways consumer and business data can be manipulated. For tech businesses operating in big data, it is up to cybersecurity professionals to stay ahead of cybersecurity trends in order to prevent attacks.
We spoke to cybersecurity professionals from two NYC-based companies about the latest issues that are impacting our tech. Read on for the strategies they enforce that allow us (and our data) to sleep soundly at night.
Over 3.5 million developers choose DigitalOcean as the cloud to host their modern applications. Security Engineer Julia Kim explained how pursuing new solutions is the key to protecting customer data from cyberattacks.
What are the top three cybersecurity trends you're watching that are significantly impacting the industry?
The growth of cybersecurity incidents has caused many companies across industries to invest more in security. Within the tech industry, fraud has become increasingly prevalent. Phishing campaigns have also risen in popularity among bad actors as it tends to be an effective and relatively cheap way to extort users. The industry has also seen attackers become more creative in their distributed denial-of-service attacks, which have the potential to take down servers and make resources unavailable to users.
What under-the-radar cybersecurity trends are you watching that the industry isn't talking about?
With the increasing popularity of Docker and Kubernetes, another rising trend in the industry is the growing relevance of container breakout vulnerabilities. A common misunderstanding is that containers (like OS virtualization) have complete logical isolation when they actually share kernel space. This means that misconfigurations or container breakout vulnerabilities in a single container can lead to compromises across containers. We keep a very close eye on this particular class of vulnerabilities.
The industry has also seen attackers become more creative in their distributed denial-of-service attacks, which have the potential to take down servers and make resources unavailable to users.”
How are these trends affecting the future of your company?
DigitalOcean operates at such a scale that it inspires our security team to constantly innovate in order to mitigate and reduce our risk against these threats. We have a responsibility to our customers to provide safety on our platform. This means that we can never become complacent with regards to security at DigitalOcean. We actively pursue creating new solutions to hard problems that often have no single answer.
Stash is a financial app with a mission to make banking and investing accessible to everyone. According to cybersecurity professionals, that translates to a lot of sensitive user data. Gavin Grisamore, VP, head of information security, told us which cybersecurity trends are always on his radar.
What are the top three cybersecurity trends you're watching that are significantly impacting the industry?
I’ll start with data privacy. The GDPR and CCPA legislation are leading the way in giving consumers more control over their data collected by businesses. Data collection by businesses has often been extensive to drive internal data analysis to support business goals and has recently come in direct conflict with the legislation and a consumer's right to privacy.
Then there’s big data analytics. It's no surprise that businesses generate a lot of data. Effectively analyzing this data, not only from a business perspective but also specifically for cybersecurity, is becoming critical for companies.
The third cybersecurity trend is Shadow IT. In addition to cloud infrastructure, companies and individuals are increasingly leveraging SaaS applications to perform a variety of work. All matters of internal, confidential and sensitive company data are ending up in these applications. The problem is that IT and compliance teams are struggling to keep up with the sheer number of applications, the data stored within them, and who in the organization is using them.
Mobile app fraud is another big trend. According to RSA, more than 60 percent of fraud originates from mobile devices.”
What under-the-radar cybersecurity trends are you watching that the industry isn't talking about?
AI attacks are a major cybersecurity trend that isn’t getting enough attention. Hackers are increasingly leveraging machine learning and artificial intelligence techniques to launch attacks. These technologies allow attackers to better scale their operations and avoid detection.
Another trend is cloud misconfigurations. As more companies transition to or begin their journey in the cloud, misconfigurations are becoming a common occurrence. Cloud SDKs and APIs allow for easy changes by developers; however, this leads to potential service disruptions or open the infrastructure to attack.
Mobile app fraud is another big trend. According to RSA, more than 60 percent of fraud originates from mobile devices. Cybercriminals are shifting toward mobile devices as mobile banking and financial apps increase in popularity with consumers.
How are these trends affecting the future of your company?
As a financial services company, our customer's safety and security are our constant priority. While all of the trends discussed are significant challenges, data privacy is our biggest challenge. As we scale our operations, we have the opportunity to bake in not only security protections, but also privacy protections. Customers’ preferences are shifting as they demand more privacy when they are online. At Stash, we want to not only be a leader in security, but also a leader in privacy to protect our customers. For us, these are not competing, but rather, complementary goals.