We will focus on sharing our predictions for the big new changes we expect to see in cyber attacks and attack patterns in the coming year. Before we dive into those, we will spend a little bit of time focusing on the five newest tactical attacks we expect to see a whole lot more of in 2019. After that, we will look into the big new shifts in targets and attack strategy that will dominate Cyberwarfare over the coming year. After we review the tactical and strategic threats you will need to look out for next year, We will provide a look at the primary defensive strategies you can deploy to combat tomorrow’ emerging threats. That being said, while we feel confident that these represent some of the biggest new movements in the cybersecurity landscape in 2019, we also recognize that we are not the only experts here. And that there might be some big, effective attack and defense strategies that did not make it into our presentation.So, I welcome you to please share your own views on what you think will be the key threats in the comments here. With that being said, let’s get started!

1. 1
Strategies to Combat New,
Innovative Cyber Threats in 2019
www.paladion.net

2. 2
Enterprise Security for 2019
Key Cyber Strategies
to Deploy in 2019
AI-Driven Managed Detection
& Response
AI_Driven Vulnerability
Management & Response
Red Teaming
Cloud Security
Key Cyber Attacks to Defend Against in 2019
More sophisticated attacks on
individuals
Politically—motived attacks
and increased regulation
Increased attacks against small
& Medium organizations
Attacks driven by and
targeting AI systems
Explosion in size and
porousness of attack surface

3. 3
New, Innovative Threats to Watch out for
Biometric AttacksBlockchain AttacksCryptojacking Drive-by-DownloadsShadow IT Attacks
Biometric technology
can be stolen,
replicated, and altered.
Blockchain based
technologies needs to
secured like you would
other platforms.
Cybercriminals are now
forcing their victims to
mine cryptocurrency
for them.
As users get cautious,
attackers will use
exploits that require no
action from the user
Applications are being
installed without
central oversite

4. 4
Key Threats 2019

5. 5
Increased Attacks Against Small & Medium Orgs
2019 Prediction
More SMBs work with external security vendors, and market their new
robust security as a primary selling point.
Cyber criminals are targeting small &
Medium organizations for a few reasons:
▪ More data usage make small orgs more
valuable targets.
▪ They have weaker supply chains
▪ The cost of sophisticated attacks has
decreased.
▪ Small orgs are the weak links in enterprise
supply chain
▪ Small orgs are easier to breach than
enterprises.
58%
of malware victims
are small biz
$2.2m
= av. cost of an
attack on a small biz

6. 6
Political Attacks and Increased Regulation
2019 Prediction
Governments play a great role in cybercrime and cybersecurity- internally
and externally.
Governments will increase their cyber
involvement in a few key ways:
▪ Subtle cyberwarfare between governments
▪ More cybercrime terrorist attacks
▪ Direct attacks against infrastructure,
companies, and populations $1.63
billion = maximum fine
Facebook could face
from GDPR alone
Governments will impose greater
cyber regulation:
▪ GDPR is only the beginning
▪ More governments will regulate cybersecurity
▪ Multi-billion $ fines become the norm

7. 7
More Sophisticated Attacks on Individuals
2019 Prediction Monitoring of User Behavior data becomes mandatory.
Individual users reman the main cause
of breaches:
▪ Emerging tech makes it easier to trick
individuals.
▪ All user credentials are now high-value
▪ More insider threats from current & past
employees
▪ Majority of breaches = targeted employees
or negligence
▪ Targeted attacks increase in sophistication
▪ Targeted attacks focus on snr. execs and
their support staff
84%
of reported cyber
attacks caused by
individual errors /
insider threats.

8. 8
Explosion in Attack Surface
2019 Prediction
Orgs become larger, more interconnected, and more fragile to even small
attacks— especially ransomware.
Every org is increasing their attack surface
through many areas:
▪ Cloud adoption
▪ IoT proliferation
▪ More external partnerships
IoT will create the most new vulnerabilities:
▪ IoT devices can be hacked and deactivated
▪ IoT devices give access to central networks
▪ Industries with the most mission-critical IoT
devices suffer most
34%
of executives plan to
assess the business risk
of their upcoming IoT
adoption.
Only

9. 9
AI-Driven and Targeted Attacks
2019 Prediction We see the first large-scale, sophisticated, AI-driven attacks.
AI systems become targets:
▪ AI programs are data-rich
▪ AI programs are automated, unsupervised,
and corruptible
91%
of cybersecurity
experts concerned
about criminals using
AI in their attacks
Criminals use AI to supercharge their attacks:
▪ Increased speed, scale, sophistication
▪ Capable of exploiting larger org. perimeters
▪ Increased asymmetry between attackers /
organizations

10. 10
Key Strategies 2019

11. 11
Strategy 1:
AI-Driven Managed
Detection & Response
(MDR)
The average organization requires over 100 days to find
and remediate a threat that has already breached their
systems.
MDR offers a comprehensive solution to combat current
threats before it can cause catastrophic damages.
2019 will see MDR become a standard element of every
effective cyber defense plan.
AI and ML will be increasingly integrated into MDR
programs.
MDR services are filling the need of organizations of all sizes
that lack internal security resources and expertise…”
- Gartner
MDR Services Market Guide, June 2018

12. 12
Strategy 2:
AI-Driven Vulnerability
Management &
Response
AI-Driven Vulnerability Management and Response (VMR)
goes beyond traditional VM programs to offer advanced
triaging and swift remediation.
AI-Driven VMR fills a crucial gap in current VM programs
by focusing on auto remediation of vulnerabilities and
exploits seen in the wild.
In 2019, organizations will utilize Artificial Intelligence
driven VM programs that also provide remediation
With AI-Driven VMR, organizations will fortify IT systems
and be much more resilient to cyber attacks
According to CVE, there were 15,571 vulnerabilities reported in 2018.
Since 1999 there have been a total of 109615 reported vulnerabilities.
Many of them still relevant today.

13. 13
Strategy 3:
Red Teaming
Red Teaming shows you how your internal security
performs during a real-world attack.
Red Teaming uncovers the exact security holes that
attackers will use to penetrate your systems.
In 2019, more organizations will utilize Red Teaming
exercises to give their internal security teams “hands on”
experience fighting an attack.
By repeating Red Teaming, organizations will continuously
evolve their defenses, and stay one step ahead of their
attackers.
Red team exercises generally provide the most insight into
your blue-team’s readiness to face an attack.”
- CSO Online

14. 14
Strategy 4:
Cloud Security
Organizations need to adopt powerful, cost-effective Cloud
services to remain competitive.
Cloud providers often provide far less protection than their
users assume.
After a high-profile breach of a major Cloud provider, most
organizations will begin to work with Cloud Security
providers.
Cloud Security services will extend beyond popular
platforms—such as Azure and O365.
of organizations believe that traditional
approaches to security don’t work for Cloud
infrastructures.84%

15. 15
Let’s discuss how we can
combat tomorrow’s
sophisticated cyber threats
Visit www.paladion.net
Email sales@paladion.net

16. 16
Thank You