You can’t discuss the future of cybersecurity without considering emerging trends in technology and threat landscapes. As organizations develop and adopt technologies related to big data, cognitive computing and the Internet of Things (IoT), cyberthreats are growing in both volume and complexity.

The race is on to secure these systems and devices before fraudsters figure out how to exploit them. Let’s take a look at some of the most important themes and innovations shaping our increasingly interconnected world.

The Power of Big Data

Massive amounts of data are produced by a rapidly growing number of devices. The equation is very simple: More devices means more data, both structured and unstructured.

Widespread mobile adoption has led to the rise of social networks, which generate even more data. Unsurprisingly, data scientists have developed ways to leverage this information in advertising and marketing campaigns. But what happens if cybercriminals get their hands on this data? With such power to influence the public’s behavior, the consequences could be dire.

Even the human brain itself can produce data for researchers to analyze. Scientists use sensors to understand how the brain reacts to certain stimulants and emotions in the interest of medical advancement. Needless to say, the data produced by these experiments is highly valuable to researchers and malicious actors alike.

But while big data certainly represents a juicy target for fraudsters, it can also help security professionals fight cyberthreats. In the cyber world, criminal activity always leaves a digital trail. Security analysts can use this data to predict attacks and identify malicious actors before they strike. The process of analyzing millions of unstructured records, however, can take days.

That’s where cognitive security comes in. With machine learning, IT professionals can process threat data more efficiently, and more accurately predict criminal activity. This is just one of the many ways in which cognitive computing will shape the future of cybersecurity.

While many institutions and government agencies have implemented regulations to protect data, the increasingly sophisticated threat landscape demands a sweeping culture change when it comes to security. Users should be careful not to publish sensitive information on social media and adopt fundamental security solutions such as password protection, firewalls and antivirus software. Enterprises must implement security controls and train employees to use them.

Securing the Internet of Things

Security professionals are well-versed in protecting servers and traditional mobile devices such as smartphones, but what about cars, refrigerators, thermostats and other home automation gadgets? Even more importantly, can they secure medical equipment in increasingly connected hospitals?

Cybercriminals commonly hijack connected devices to form botnets in larger efforts to commit distributed denial-of-service (DDoS) attacks against high-profile websites. It is becoming even more important for users and enterprises to properly secure their devices. Device manufacturers should build effective security controls into their products, and organizations should conduct exhaustive application security testing.

Looking Ahead for Industries

In the past, SCADA was secure by nature, inaccessible to outside parties using proprietary protocols. Reductions in cost and productivity, however, have driven the market to use standard protocols and interfaces that render SCADA systems vulnerable. For this reason, identity and password management are critical.

It is clear, however, that organizations are struggling to manage and monitor so many user identities. An identity governance and intelligence solution can help in that area today, but the technology will have to evolve in coming years to accommodate the death of the password and the rise of advanced authentication techniques such as biometrics.

All the aforementioned threats related to big data and IoT apply to the health care industry as well — but many IT professionals in this sector are too preoccupied with today’s security issues to worry about the threats of tomorrow. Ransomware operators are particularly drawn to health care data because it is critical, difficult to secure and highly personal. Leaders in the security space should pay close attention to this highly targeted industry.

Shaping the Future of Cybersecurity

While these threats certainly pose a significant challenge to IT professionals across all sectors, the urgency will only increase as technologies such as cognitive computing, big data analytics and the IoT further develop and influence our increasingly connected world in unprecedented ways.

Enterprises can do their part by sharing threat data and investing in solutions and infrastructures that are secure by design. As always, users should exhibit good password hygiene and avoid opening suspicious or unsolicited emails and attachments.

Listen to the podcast: The Cognitive Transformation is Coming

More from Application Security

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Audio-jacking: Using generative AI to distort live audio transactions

7 min read - The rise of generative AI, including text-to-image, text-to-speech and large language models (LLMs), has significantly changed our work and personal lives. While these advancements offer many benefits, they have also presented new challenges and risks. Specifically, there has been an increase in threat actors who attempt to exploit large language models to create phishing emails and use generative AI, like fake voices, to scam people. We recently published research showcasing how adversaries could hypnotize LLMs to serve nefarious purposes simply…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today