The entire tech industry is forever changing, and if you are aware of the security side of this, you can easily see how bad actors’ hacking pushes these changes through. Since there is always something new happening, there are also tools and techniques that are part of the solution, and some add to the problem.
It’s important to weigh all these tech security trends so you know what your best options are for protecting yourself and your network and also know what might be vulnerable. Any company that has a product to sell works to convince their customers that they are always on the cutting edge. To help you understand what’s all the rage in the cybersecurity industry, it’s important to see what is trending and what might sometimes be vulnerable.
Collaboration App Security
These days, more teams than ever before are relying on apps to help them collaborate. Some of these, like Slack, are very popular, and others, like SharePoint and Dropbox, are still holding their own. This type of software is perfect for productivity, but they also open the door to hackers to access data.
As more businesses are starting to use these apps, they are giving hackers even more opportunity to distribute content that is designed to maliciously access data. Most of these apps are cloud or web-based, and they are often installed without even consulting the IT department. This means they often don’t have the same level of protection as other types of sharing methods, such as email, which is usually scanned by an antivirus protection program.
Research shows that most employees in the workplace have shared files and other information via these apps and sites and it’s not entirely safe. At a minimum, run antivirus and when available enable two factor authentications for accessing these apps.
The current way that communication is encrypted is not totally secure. Instead, the method relies on exchanging cryptographic keys, which can be broken by a hacker. This type of security method is reliant on the fact that these keys can only be broken by using intense mathematical methods, to the extent that the difficulty of math problems make hackers think twice about trying to break them.
However, we also know that computers are able to do complex math problems and even the newest computers in development, known as quantum computers, can easily solve the most difficult problems that our current binary computers can come up with.
Essentially, you have to fight fire with fire and use a quantum key distribution instead of cryptographic keys, which is what we have now. Though this all sounds like it is way into the future, estimates are that widespread use of quantum computers could just be a decade or less from happening.
AI is being implemented in many aspects of security. However, research shows false positive rates for AI security solutions are at approximately 50 percent. This means that if a security software uses AI to catch a bad guy or notify its installer of a problem, half the time it catches a good guy notifying of a problem when there isn’t one. This leads to security and AI fatigue. However, there are more companies getting better at the AI game and security will only get better where man is still fallible.
As you may know, many of the data breaches today have to do with passwords getting stolen and the hacker gaining access to accounts. In order to overcome this, security systems should treat a password as just one factor to use in order to access data. The factors could be something that the user knows, such as a password, or something he/she has, such as a security token. A factor can also be a physical item, like a biometric. A good example of this is an ATM. Not only do you need your card to access your account, but you also need a PIN. Websites are doing this too. You must put your password in, and then you are prompted to enter a code, which is often sent via text message or email. More and more companies are turning to multi-factor authentication both as a deployed internal requirement for authentication and as an option for consumers.
There are regulations out there that many industries have in place that require antivirus protection. However, with all of the “zero day” attacks from malware and worms (undiscovered threats that antivirus is unaware of or simply can’t defend against), the entire process of antivirus seems antiquated in this light. It is becoming a bit painful as these programs cannot keep up with the attacks that hackers are creating.
With that said, don’t give up on antivirus just yet, as it is still a fundamental cyber security requirement that isn’t going away any time soon.
In 2018, the price of bitcoin fell by almost 80 percent, and though bitcoin and blockchain are not the same, the interest in blockchain fell too. There is a bright side though. The decrease in the value of bitcoin has resulted in a drop in crypto-mining attacks. These attacks hijack a victim’s computer and forces it to mine bitcoins. A recent study shows that only about 1 percent of companies are interested in rolling out blockchain technology at this time.
While all these technologies have their place, you want to make sure you aren’t chasing what’s new and flashy. Doing your homework is key. Companies are going back to basics, and they are realizing that it’s not possible to protect everything always and a multilayer approach is essential. The best way to stay safe is to keep systems up to date and to protect the low-hanging hacker fruit, which is to protect credentials, especially passwords.
The ETF Managers Group’s Prime Cyber Security ETF (NYSE: HACK) is a globally diversified, liquid, exchange-traded fund for people who are looking to take advantage of the growth of the cyber security industry. HACK invests in a portfolio of companies that lead the war on cybercrime. HACK was the first ETF, and continues to be the largest ETF by AUM, to provide investment exposure to this forward-looking theme.
Carefully consider the Fund’s investment objectives, risks, and charges and expenses before investing. This and other information can be found in the Fund’s summary or statutory prospectuses available on www.etfmg.com. Please read the prospectus carefully before investing.
Investing involves risk, including the possible loss of principal. Shares of any ETF are bought and sold at market price (not NAV), may trade at a discount or premium to NAV and are not individually redeemed from the Fund. Brokerage commissions will reduce returns. Narrowly focused investments typically exhibit higher volatility.
The fund is concentrated in technology-related companies that face intense competition, both domestically and internationally, which may have an adverse effect on profit margins.
The Fund is distributed by ETFMG Financial LLC.