As we close the books on 2019, we thought we’d take a look back at the predictions we made nearly a year ago. Did the market play out as we expected, or did things change?
Here is a quick review of each prediction with some final thoughts:
Prediction #1:
GDPR Non-Compliance – In 2019, several organizations will choose not to be GDPR compliant, deciding that paying a fine or dealing with a lawsuit is easier than trying to comply with an ambiguous and undefined standard.
Where we are today:
This played out as predicted. At the mid-year point, we saw significant fines levied against British Airways ($230 Million) and Marriott ($123 Million) for GDPR violations. We expect compliance efforts to continue at the state level, as seen with initiatives such as the California Consumer Privacy Act (CCPA).
Prediction #2:
Cryptojacking Moves to #1 – Cryptojacking will pass ransomware in 2019 as the premier malware threat as hackers look for ways to get closer to the money with minimum effort to monetize attacks.
Where we are today:
Cryptojacking appears to have been a brief trend this year. While cryptojacking surpassed ransomware as a top threat during 2019, at least for a while, it appears to be falling out of favor as attackers find that ransomware is easier to pull off. Cryptojacking will remain a threat, though we don’t expect it to be used more than ransomware.
Prediction #3:
Organizational Shift – CISOs and security departments will move from reporting into IT to finance or legal, reflecting the shift from a technology focus to risk. This is a result of executive teams and Board members realizing the importance of cybersecurity to the entire organization (e.g., operations, financials/stock, brand, etc.).
Where we are today:
Organizational shifts definitely occurred during 2019, and we expect to see more. A number of CISOs and directors are working through the organizational shift of transitioning their reporting from the CIO to the CEO or General Counsel. In 2020, we anticipate even greater shifts, with more MDRs and MSSPs lifting up the team.
Prediction #4:
Platform Consolidation – We will see a consolidated platform from a single vendor actually work in cybersecurity in 2019.
Where we are today:
Strategic acquisitions have continued during 2019, with Palo Alto Networks and Microsoft’s expansions to become all things to all people. We expect this “platformula” of consolidation to continue on in 2020 as more SIEMs continue to bring together disparate data sources.
Prediction #5:
AI and ML Finally Get Real – Artificial Intelligence (AI) and Machine Learning (ML) will finally find a truly useful purpose in cybersecurity this year and will move past the “marketing hype” phase. You will see real-world, practical applications and use cases of AI and ML, beyond PowerPoint slides.
Where we are today:
AI and ML continue to get hyped up as more solutions seek to leverage AI/ML. While there have continued to be advancements in AI/ML technology, the human element can’t be overlooked. Humans will always be needed, meaning AI/ML can only be leveraged to a point. AI/ML solutions can’t reason, which is still required in all technology. We’ll continue to keep a close eye on how AI and ML play out.
As technology evolves, we’ll continue to keep an eye on evolving trends. Stay tuned as we prepare to roll out our 2020 predictions in the coming weeks!
by Randy Watkins | CTO, CRITICALSTART
and Jordan Mauriello | VP of Managed Services, CRITICALSTART
December 30, 2019