It's a new year, and for many people, that might also mean a new start, both in their personal lives or at work. But whether you're making a new year's resolution to get to the gym more or learn a new hobby, or your company is looking to grow or move into new markets in 2019, there will still be a few things that never change.
One of these is the constant threat posed by cyber criminals and hackers. Indeed, if the last few years are anything to go by, this is only set to become an even bigger problem. 2018 brought us several stories where tens or even hundreds of millions of records were stolen, so could 2019 be the year when billion-record losses occur?
But while the threat remains as serious as ever, the actual methods criminals use to gain entry to firms and do damage are always evolving. So what areas are likely to be high on the agenda for both hackers and security pros in 2019? Here are a few security trends to look out for.
IoT to be a prime target
The Internet of Things is set to attract a lot of attention this year, but many businesses will be so focused on adding the devices to their network they overlook the potential security implications. Many of these gadgets currently don't offer tough protections by default and hackers will be keen to take advantage of these weaknesses.
Lead malware analyst at Malwarebytes Chris Boyd told Computerworld more and more hardware devices will be compromised, being used for everything from cryptocurrency mining to malware. "Large-scale compromises of routers and IoT devices are going to take place and they are a lot harder to patch than computers," he added.
More state-sponsored attacks
The threat of state-sponsored hacking is also set to be a key risk in 2019, with attacks aimed at organisations connected to the the country's critical infrastructure likely to be among the top target. Given the large amount of resources supporting these actors, it is to be expected that they will be able to use advanced techniques that many businesses may not be prepared for.
As a result, defences that include strong intrusion detection systems will become more important than ever, as even if firms cannot stop the most determined attackers from gaining access, they must at least be able to prevent them from moving around inside networks and minimise the damage they can cause.
Multifactor authentication to become the norm
Despite years, if not decades, of warnings, passwords continue to be weak points for many businesses, and it seems many firms are reaching the end of their tether with users who persist with logins like 'password123'.
Therefore, in 2019, one of the most visible changes to security practices for many everyday users will be the introduction of multifactor authentication for everything. It's a relatively simple step, but it could make a big difference to many firms this year.
The first eye-watering GDPR fines
When GDPR came into force last May, a few people suggested we would quickly see it show its teeth with big fines for early data breaches to act as a deterrent. So far that hasn't happened, as it takes time to conduct full investigations, and only breaches reported after the start date were affected by the legislation. But in 2019, that's likely to change as time passes and regulators begin to act on 2018's complaints.
Senior writer at CSO J M Porup said: "Enforcement is going to be harsh beginning in the first half of 2019. Companies engaged in surveillance capitalism, like Google and Facebook, are in for a rough few years."