IT security trends: what the industry is talking about

How are IT security trends made up?

IT security and cybercrime are inextricably linked. As soon as a new vulnerability appears in an application, criminals try to exploit it and security experts try to fix it. The trends in the IT security industry must accordingly also be viewed from two sides: Which new vulnerabilities are arising and which measures companies and experts are using to secure their processes. IT experts generally always aim to,

•    Reduce cybersecurity vulnerabilities,
•    Secure networks better,
•    Complete tasks more (cost) efficiently, for example through automation,
•    Increase data security and
•    Improve data analysis. 

However, these kinds of general efforts are not yet trends. The specific methods used by criminals to circumvent data protection on the one hand and measures taken to prevent such takeovers on the other can be classified much more as such. In 2019, 5 such trends were particularly noticeable in the IT security industry.

1.    New phishing methods
Phishing, i.e. tapping access data via the Internet, is still the greatest threat to users. The best-known method is phishing by email, which asks you to click certain links, enter data or even transfer money. This is still the most common type of phishing attempt, but it is changing all the time: in the meantime, fraudsters are also using SMS (then called "smishing") or telephone calls ("vishing") to obtain important access data from their victims. Examples are SMS from unknown numbers that come from an alleged acquaintance who wants to communicate something and calls from alleged bank or tax office employees. 

2.    Increasingly more attacks on mobile devices
Since almost everyone owns a mobile phone or smartphone these days, it's no wonder that cyber criminals are increasingly targeting them. The possibilities are almost endless: apps for a fee that offer no or fewer functions than advertised, expensive subscription traps and spying out contact data from the personal phone book are just a few examples. 

3.    Ransomware attacks
Power utilities and companies in particular but also private individuals are increasingly being targeted by ransomware attacks. Put simply, ransomware is software that makes access to a computer system impossible. Such a block can be lifted by the author – usually for a ransom. Hackers regularly try to take the organizations’ and companies’ data or supply systems hostage to get rich. Such attacks increased by 500% from the first quarter of 2018 to the first quarter of 2019 alone. 

4.    Privacy, data sovereignty and legal certainty are gaining importance

Due to the European Union's General Data Protection Regulation (GDPR), which came into force in May 2018, countries and industries worldwide have tightened their regulations with regard to data security and data protection. Depending on who decides on these new regulations and where, various legal obligations are imposed on data processors and data collectors whose transactions have hardly been monitored to date. This may include, for example:
•    Informing users how their data will be used,
•    Providing users with the option to withdraw permission to process data,
•    Designing guidelines and processes in such a way that they are demonstrably legally compliant,
•    Improving privacy by encrypting personal information and data. 

5.    Automation, AI and machine learning in the IT security industry

The IT sector relies more than almost any other industry on automation and support through artificial intelligence. The different techniques are applied on both sides: for example, passwords are being created and encrypted in a more and more complex manner using AI, but they are being cracked faster and faster on the other hand. Other areas in which different automation software is gaining importance are:
•    Collecting and analysing data,
•    Simultaneous monitoring and maintenance of all kinds of devices,
•    Stress tests and simulations to identify vulnerabilities at an early stage.

What IT security trends are going to emerge in 2020?

Above all, an increase in costs is to be expected in the area of cybersecurity. With increasingly cheaper technologies, more and more people are becoming active in cybercrime. Banks, insurance companies and governments in particular must therefore improve their security standards. The fifth trend this year, automation, AI and machine learning, will also continue next year. However, it is also to be expected that the total number of cyber attacks will increase.

What is Bavaria's position on IT security trends?

The it-sa trade fair has been held in Nuremberg every year since 2009. This is Europe's largest IT security trade fair and the meeting place for cybersecurity experts from all over the world. 750 exhibitors from 25 countries were spread over 4 halls in Nuremberg from 6 to 8 October 2019. This makes it-sa the IT security trade fair with the highest number of exhibitors in the world. More than 15,000 international trade visitors flocked to the Franconian metropolis this year alone.

Invest in Bavaria organized the accompanying event it-sa Town Hall Meeting for the fourth time. Besides a keynote lecture by Jasper Wognum from the company BrainCreators , there was also a panel discussion. You can find impressions from the Town Hall Meeting 4.0 @it-sa in our media library. 

The date for next year's it-sa has already been set: Once again, thousands of IT security experts from all over the world will meet in Nuremberg from 6 to 8 October 2020 to discuss the latest trends in the IT and security industry in the heart of Bavaria. What else is happening in IT security in Bavaria can be found in our #bytevaria – IT security in Bavaria magazine.