Every year, Kiuwan makes predictions concerning what’s in store for cybersecurity for the coming year based on prior events, current trends, and statistics. While year-end predictions are commonplace, what’s uncommon are follow-ups to see if said predictions came to fruition. Below, we’re holding our feet to the fire and looking back to see how the unfolding decade has confirmed or rejected our six cybersecurity predictions from 2020.
Ransomware becomes more of an issue for almost every account each year.
For one, the financial toll of ransomware is rising. IBM’s most recent 2023 study reveals that ransomware is the most expensive form of data breach, clocking in at $5.2 million per incident. In comparison, the average cost for total recovery back in 2020 was $1.4 million.
However, the cost has not been the only factor that’s become more severe; ransomware methods are also evolving, as is evident with the MoveIt software supply chain attack. Instead of a single victim, the ransomware affected hundreds of organizations up and down the entire supply chain.
These far-reaching attacks have become more common and intricate. Instead of the traditional extortion method, where hackers encrypt data within a system, there are forms of double and triple extortion, like when attackers lift data from the native system and keep it in a separate storage space or threaten to expose data to the public.
The only issue with this prediction was the word “slowly.”
In 2020, the terms two-factor authentication (2FA) and multi-factor authentication were well-known but still emerging as standard practices.
Now, these methods are adopted by all: Casual Internet users looking to beef up account security, small organizations looking to strengthen access control, and global platforms looking to reduce compromised accounts significantly.
In the earlier part of the 2020s, 2FA took root significantly and spread quickly due to adoption from major players. For example, as 2021 waned, Google auto-enrolled 150 million users with 2FA, and as a result, account hacking decreased by 50%.
2FA offers such immense value because mistakes from individual users cause the bulk of data attacks. For example, a recent Verizon report revealed that 68% of breaches stem from human errors and weaknesses, like weak passwords. Strong authentication is an easy way to enforce better digital habits. The proven effectiveness of 2FA is why companies continue incorporating more creative approaches, such as using biometric authentication on top of SMS or email authentication.
Our third cybersecurity prediction didn’t take long to come true, as AI dominates the headlines and touches all areas of society.
Now, machine learning is used by many major companies, like Microsoft, to identify and prevent threats early on. AI can spot dangers before they become full-scale catastrophes. In many cases, AI automates key tasks, such as code encryption and reviews, updating user authentication lists, and detecting and issuing real-time alerts for unusual web traffic patterns.
AI’s benefits and continuing cybersecurity AI labor shortages have led to it becoming a central piece of the fight against cyber threats. As a result, one can only expect AI to become more front and center as the years roll on.
The numbers don’t lie: companies continue funneling more dollars into cybersecurity. At this point, surveys show that investment in cybersecurity increases by 12% annually. It’s easy to understand why, given that cyber-attacks have become more advanced and costly. As a result, building a robust defense systems is paramount to survival in the modern world.
However, perhaps the biggest surprise, spending-wise, is how quickly small and medium businesses pivoted to invest in digital defenses over the past few years. Now, 53% of all businesses are looking to increase IT security spending. Such action is prompted by greater targeting of small businesses with weak defenses, as in 2023, small business data breaches grew by a staggering 424%.
The dawn of the 20’s came with many concerns over politically motivated cyberwarfare. However, Kiuwan predicted that cyber war is concerning, but the threat of data-directed attacks overshadows it.
As the years have passed, the estimation has remained true. Threat actors clearly continue to express more interest in data, even in politically motivated contexts, rather than waging full-scale destabilization attacks.
Building a culture of digital security requires businesses to think and act globally and locally. Companies must build broad frameworks dedicated to making networks, servers, and platforms more secure. However, there must be advocates to educate individual users, whether employees or customers, urging them to engage in simple best practices when online.
There’s now an immense desire to teach basic cyber hygiene through training on password requirements, phishing scam avoidance, and enforcing VPN usage when working from home. This desire largely came from the COVID pandemic, as it forced workers to consider their digital habits, such as how to secure company files and personal data while working remotely.
New cybersecurity predictions state that the cost of cyberattacks will pass $10.5 trillion by 2025. This represents a 300% increase compared to 2015, making it crucial for companies to boost investment in tried-and-tested cybersecurity tools. Learn more about how businesses can strategically invest in crucial tasks, like app hardening and code security, to prevent devastating cyber attacks.
