Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesSecurity Leadership and ManagementCybersecurity News

Too Dangerous to Be Ignored: Cybersecurity Trends that Affect Everyone

By Brian Bertacini
data-enews
October 3, 2019

Today, the average American leaves the house with a smartphone that has more computing power than the systems that landed humans on the moon. The Internet of Things (IoT) enables refrigerators to tell you that you’re running out of milk and cars to provide assisted driving. The reality is that the knowledge economy is in full swing, and the modern world’s relationship with technology has advanced to a state where nearly all aspects of our daily lives are touched by the internet. As a result, threats to cybersecurity are among the most critical issues facing the world today, holding the capacity to disrupt political, economic and individual activities around the world.

Even as an entire industry emerges to develop innovative and improved defenses against cyber threats, malicious actors continue to develop more sophisticated tactics for exploiting vulnerabilities.

In a recent example, the City of Baltimore was struck by a ransomware attack this past May. Malicious hackers used the ransomware to disrupt government computer systems by encrypting files and demanding around $80,000 to restore normal operations.

As Baltimore officials continue to deal with the fallout from this cyber-attack, the repercussions have been felt well beyond the inner-sphere of city government. The attack has directly affected how the city is able to work with the public, leaving emails and voicemails inaccessible. This has also disrupted city residents paying water bills, property taxes and traffic citations, as well as the city’s ability to officially close real estate sales.

These issues and the estimated $18 million cost of recovering from the attack are a testament to the reality that in 2019, cyber technology undergirds and connects some of the most fundamental aspects of everyday life. In order to safeguard the collective cybersecurity and functionality of governments, businesses and individuals, it is crucial to maintain awareness of evolving cyber threats and to remain vigilant about one’s personal cyber defenses.

Where technology leads, cyber threats will follow.

Far beyond the realm of city government, offensive cybersecurity strategies by foreign states stand to transform the geopolitical cyber scenario as we know it. Russia’s interference in the 2016 United States presidential election continues to have ramifications, many of which may not be fully realized for years to come. Along with the 2017 WannaCry ransomware attack attributed to North Korea indicate a growing trend of cyberwarfare and the need for increased investments in cyber-defense strategies. Cyberwarfare threats are increasing, and governments must protect the welfare of its citizens by safeguarding government networks, internal perimeters and supply chains against cyber threats.

The development of new technologies also creates new security challenges for the businesses that develop and provide innovative products for consumers. In particular, innovations in the automotive and biotechnology industries are increasingly vulnerable to cybersecurity threats as new ways to exploit emerging technologies are devised. The introduction of self-driving and assisted-driving cars carries the risks of key hacking, personal data compromise and interference in vehicle-to-vehicle and vehicle-to-traffic infrastructure communications. In biotechnology, scientists are engineering devices enabled by the internet to conduct biological processes, such as implanted medical devices and pharmaceutical delivery systems.

The security challenges that these devices create for the businesses that develop them will be accompanied by serious personal risk for any individuals who rely on medical devices that are not adequately shielded from cyber-attacks. Modernization is accompanied by many cybersecurity risks, and businesses need to protect themselves and their clients by ensuring systems’ resilience, such as implementing strong cryptographic encryption of sensitive data and continually developing and deploying new security updates in response to evolving threats.

While individual citizens rely heavily on government and businesses to implement cybersecurity protections, successful resistance to cyber threats often boils down to basic human decision-making. Individual defenses against cyber threats are crucial because most cyber-attacks deliver malware through phishing campaigns that target corporate and private emails. Additionally, many systems are susceptible to cyber threats when people fail to install operating system and application updates that are designed to patch the system vulnerabilities that adversaries target. While personal and employee training can help people identify obvious phishing attacks, the growing sophistication of phishing campaigns will require the development of active solutions to instigate revisions of policies and procedures, user training and awareness and Artificial Intelligence (AI) based technologies.

Cyber threats are evolving. You should too.

As cybersecurity threats develop and become more advanced, authoritative bodies are responding by introducing new regulations and standards to defend systems against cyber-attacks. As an example, the European Union has been developing and implementing new cybersecurity regulations over the last few years. As a follow-up to the 2018 implementation of the General Data Protection Regulation (GDPR), which standardizes policies for giving individuals control over their personal data, this year the E.U. plans to introduce the new ePrivacy Regulation, which will enhance the level of confidentiality within electronic communications. Even though these are E.U. based initiatives, their reach and impact is global for anyone who has customers in the E.U.

Additionally, the International Organization for Standardization (ISO) is set to release new standards regarding the security and protection of personal information within cloud-based services. ISO/IEC 27552, for example, provides additional requirements to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS) and will be an extension of ISO/IEC 27001, the standard for Information Security Management Systems. This new standard is in addition to the controls currently in use through ISO/IEC 27017, security techniques for cloud services, and ISO/IEC 27018 protection of Personally Identifiable Information (PII) for PII processors. Another standard under development will target the security of consumer electronics.

For all the rules and regulations being introduced to defend against evolving cyber threats, organizations are not responding fast enough. The City of Baltimore is a prime example of an organization that did not effectively implement cybersecurity protection. Reports from Baltimore officials speculate that the ransomware attack was initiated through phishing efforts. A critical vulnerability prevalent in some Microsoft operating systems, famously exploited in 2017’s WannaCry ransomware attacks, was reported to be the vector for the attack. Microsoft introduced a patch for the vulnerability in 2017, yet the city never updated its systems to mitigate this well-known threat.

What this illustrates is that even large organizations like the Baltimore City Government are not adequately defending or responding to cyber threats, and the consequences are now being felt by individuals and businesses throughout the Baltimore area. Significantly, Baltimore is not an outlier when it comes to lax cybersecurity. Just last year the city government of Atlanta was hit by a ransomware attack, and a recent article in the Washington Post highlights how poor funding for IT departments in city budgets around the United States makes many local governments vulnerable to cyber-attacks.

It goes without saying that cybersecurity threats will persist and continue to evolve. Tackling these threats and unpacking endless new laws, regulations and standards will require a continuously high level of expertise, knowledge and multidisciplinary approaches. Organizations must adopt a position of organizational resilience that makes information and cyber resilience top priorities. International standards and other cybersecurity best practices promoted by all organizations enable individuals, companies and governments to achieve a state of enhanced and sustainable resilience in the face of cybersecurity threats.

KEYWORDS: artificial intelligence (AI) data breaches machine learning

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Brian bertacini
Brian Bertacini founded AppSec Consulting in 2005, a leading provider of IT security testing services, PCI assessment and validation, training and security technology integration for businesses of all sizes including starts-up and large global enterprise clients. AppSec was acquired by BSI in 2019 and Brian has taken over the role of President of Cybersecurity and Information Resilience U.S..

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • supply-chain-freepik

    Supply chain cybersecurity trends: What professionals should be aware of and how to prepare for 2022

    See More
  • nuclear-enews

    How Cyberattacks Affect the Physical World, Too

    See More
  • Finger touching email icon

    Be wary of the latest AI-based email cybersecurity trends

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing