2019 - half empty or half full?

2019 - half empty or half full?

Breaches

Many personal records are half empty due to the continued rash of intrusions while the crooks are half full of our personal information, along with many ransom payments. Cyberattacks, data breaches, and ransomware have brought 2019's total to around 5.9 billion exposed records through April. That's around 1.46 billion a month. I continue to get alerts for one of my email addresses being found on the dark web. Healthcare, social media, automotive, municipalities, retail, tech companies, restaurants, governments, and pretty much any industry that has an internet connection is a target. There has certainly been a rise in ransom payments to unlock data and the rise in cyber insurance as the cost of breaches continues to grow.

According to Ponemon, the global average cost of a data breach for 2018 is $3.86 million (but can go as high as $8 million), up 6.4% from the previous year. About US$148 per record. The mean time to discover a breach is over 100 days. If you can contain it within a month, you'll save a bunch.

Cloud Computing

RightScale 2019 State of the Cloud Survey notes that multi-cloud is the preferred enterprise strategy. 84% of enterprises have a multi-cloud strategy in place. Those with a hybrid cloud (public plus private) sit at 58%. One thing is certain, public cloud adoption is growing, with 91% deployed, and companies plan to spend 24% more on public cloud in 2019 vs. 2018. In previous years, we saw enterprises using an average of around three clouds. That's now jumped to five clouds on average. The challenge now is not whether to go to the cloud, but rather it is all about managing and optimising costs.

A lot has changed from the 2015 Half Report when cloud was finally becoming a viable option. Amazon launched AWS 13 years ago. Azure is almost a decade old. We've got hybrid cars, hybrid corn, hybrid cats, and hybrid clouds, but 'the cloud is still a datacentre somewhere' so, you get the idea. Cloud seems to be more than half full as the industry grows and more stuff gets put there.

DNS

DNS is one of the most important (and fragile) components of a functioning internet. EfficientIP in conjunction with IDC released their 2019 Global DNS Threat Report and, over the last year, DNS attacks have increased 34%. 82% of surveyed organisations have been hit with a DNS attack. That's an average of nine DNS attacks per organisation.

Most upsetting is that 63% suffered application downtime due to the attack and 27% had business downtime. Apps are the business these days. The cost of attacks? That's also jumped 49%, topping the US$1 million mark per attack. Methods include phishing (47%), malware-based (39%), and the old standby DDoS (30%). The need for DNS continues to indicate things may be half-full in a cracked glass. The never-ending influx of connected nouns means DNS will continue to be a valuable target.

Mobile

We are mobile, our devices are mobile, and the applications we access are mobile. Mobility, in all its iterations, is a huge enabler and concern for enterprises. BYOD, an old term by today's standards, is still at play with that market hitting $367 billion by 2022. Tech tools continue to expand, and it'll only get worse as we start wearing our connected clothing to the office. 5G, AR, mobile payments, APIs, the rise of instant or on-demand apps and hopefully more attention to security (since we're now joined at the hip with our devices) are all at play. Mobile is certainly half full and there is no emptying it now.

Bots

Around half of all Internet traffic is bot-related. There are good bots like search engines, crawlers, chats, and others that play by the rules. Then there's the bad bots – those that launch DDoS, account takeover, scraping, surveillance, ad fraud, brute force, and other nasties for the unscrupulous ones. These can impact business intelligence, cost money, cause havoc, generate unwanted traffic, and otherwise disrupt business. While you might not have thought about it much, it's important to have a bot management strategy.

Half empty or half full?

I'm sure 2019's second half will bring more amazement, questions and wonders. There's that old notion that if you see a glass half full, you're an optimist, and if you see it half empty you are a pessimist. I think you need to understand what state the glass itself was in before the question. Was it empty and filled halfway or was it full and poured out? There's your answer!

* By Peter Silva, Senior Security Solutions Marketing Manager, F5 Networks.

Read more