Fakes, Privacy Awareness and Disaster Relief Predicted for 2020
Attacks on integrity using AI and deepfakes, deployment of anti-surveillance technology and govermment interest in cybersecurity issues will be the main changes to the security industry next year, according to Forrester.
The analyst firm’s 2020 predictions claimed that “integrity attacks” such as deepfakes will go on to “cost businesses over a quarter of a billion dollars” as attackers use AI technologies like natural language generation and video AI to generate fake audio and video designed to fool users.
Also on the theme of AI, 20% of enterprise customers will prohibit the use of their data for AI, as more and more organizations will become selective about what data they give to their vendors, as they choose “to opt out of data sharing due to concerns about anonymization, privacy and accidental disclosure.”
Also on the theme of privacy, Forrester claimed that mass data collection “will drive a 15% growth in anti-surveillance technology” after corporate economic surveillance expanded in 2019, with consumers turning to anti-surveillance technology that conceals, distorts, or blocks public and private surveillance tools. These include: clothing that foils license plate readers, anonymized search engines, lockers for private deliveries, anonymous credit cards, VPNs, anonymization services and ad blockers.
In the same theme, the analysts predicted that companies will use the data they collect as a key reason to make acquisitions, allowing them to circumvent controls and regulatory oversight and weaponize data by using it to manipulate, subvert, or target populations. For example, if a company that owns personal data is acquired by a government-owned firm, the data will go on to be owned by a potential adversary.
In an email to Infosecurity, VP principal analyst at Forrester, Jeff Pollard, disagreed that there is a more “paranoid” perception to 2020, and while he continually “hears that the pace of innovation and change is accelerating” he believed it is an increased “awareness of the amplified consequences stemming from digitally dependent lives.”
Asked if we are on the verge of consumers and businesses taking privacy into their own hands, Pollard agreed, and said that “businesses need to think about privacy in terms of competitive intelligence. The more data companies collect about your employees – especially data gathered during the course of their work activities – the more those firms know about your company as well.”
He went on to say that one of the things that GDPR helped do is drive awareness of privacy for consumers. “After awareness, comes empowerment,” he said. “Individuals need to understand that limiting what data companies collect – even seemingly innocuous data – is the best approach for them.
“Because you can’t control what those companies do with that data, what insights can be derived from it, and as we note in our first prediction, that the company they agreed to share data with isn’t acquired by someone else with different ethical stances and use cases for that information.”
Finally, the analysts predicted that 2020 will be the year when a local government will seek disaster relief for ransomware damages. After a surge in ransomware attacks against local governments and municipalities in 2019, Forrester predicted that in in 2020, a ransomware attack targeting a municipal system and causing significant disruption for citizens, will lead to one municipality to request disaster relief from the national government.
“This act will generate considerable public debate about the role national governments should play in assisting to cover the costs, disruption, and recovery from cyber-attacks targeting local governments.”
Source: Information Security Magazine