Trends for 2019 - Security Breaches affecting the way we work

Posted 23 January 2019

The pace of innovation in the digital space and online world is continuing, with underlying trends that are continuing to boom.

Our feature trend this week will focus on security. To review part one of this trend series, click here to read about the Cloud.

Breaches: there will be more

In 2018 we saw many breaches of 'unhackable' systems, exposing the data of millions, including the recent Facebook breaches and in some cases PII health data.

Grandiose statements from John McAffee of his BitFi digital currency wallet being 'unhackable' quickly drew the attention of security researchers like bees to honey, and within a few weeks, exploits were confirmed. This included a 15-year-old using the hardware device to play the Doom game, and other researchers transferring the cryptocurency from the target bug bounty device.

On a more serious side, India's Aadhaar biometric authentication service claimed to be "hack proof", and unfortunately, fell in a similar manner spilling the information of 1.2 Billion people – approx. five times the population of Australia.

Similar was the dump of the medical data in Singapore, affecting many people including the Singaporean Prime Minister. 1.5 million people, approximately a fifth of the country, were affected by this as the SingHealth service was compromised.

Facebook had 87 Million records breached, Google had problems with its failed Google+ social platform, Under Armour had 150M records of its MyFitnessPal app leaked and the list continues.

This is something that we're continuing to see. Companies collect vast amounts of information in case they want to use it, and should instead decrease their collection to reduce the impact of when they get breached. Because it is nearly a case of not if but when.

Some of these are not unique individuals - people in one breach may indeed be caught up in multiple breaches (same user/password used on multiple services), but even if we had a 10% duplication of identities, that is still half a billion possible identities, or 6% of the world population.

The trend is going to show more of these.

From a maturity operating security implementation, we see outdated methods of storing sensitive information (such as passwords) still in use behind by service operators.

As the number of breaches rise, the approaches used to minimise breach impact should be examined carefully. Organisations should not collect information they don't require. Organisations should expunge information when they no longer need it; retention policies should be implemented to safeguard the operators' reputation if or when a breach happens.

To understand more about web security, watch this space for article 3 in our 2019 trends series.