TUVSCompanies consider cyber-attacks more and more as a central business risk and start to work on better protection, but will they be able to master the security challenges in the digital economy?

According to TÜV Rheinland, the question is to what extent cybercrime influences technologies like Operational Technology (OT and the Internet of Things (IoT) and explains why the shortage of skilled workers could become a major problem. As well as what role concepts -like "red teaming” or agile security - are expected to play.

TÜV Rheinland’s cybersecurity trend predictions include:

TREND 1: Cybersecurity has become the theme for the management level

Until recently, cybersecurity has not been a business risk, but just an IT problem. Despite years of warnings, cyberattacks managed to hit companies hard, costing them millions of dollars. At the same time, violations of privacy and cyberattacks remain a reason to worry, in fact they have grown from a hypothetical problem to a recognized business risk, making long-term management changes necessary.

TREND 2: Industrial cybersecurity is years behind general IT security

In a system of operational technology (OT), computers recognize and even change physical processes by controlling and monitoring equipment such as electric motors, valves or relays, which are used, e.g. by energy and water suppliers. Even though scares in "industrial cybersecurity" can have serious effects, it has been neglected for a long time and was of indifference and poorly backed with investments. At least nowadays this attitude has fundamentally changed, especially for security monitoring systems.

TREND 3: Standards represent challenges for IoT cybersecurity

Regulatory agencies and the industry for safety and data protection standards work intensively on the next stage of development that’s required in the Internet of Things (IoT) and Operational Technology (OT). Of course, it can be confusing for manufacturers and a waste of time, if you want to find out, which of these regional and industry standards they must consider. Affected from that are especially global companies engaged in product development as they need to comprehend how to guarantee conformity. The existence of competing standards could therefore lead to waste of time.

TREND 4: GDPR represents a turning point for consumer privacy

Within just a few months after the General Data Protection Regulation (GDPR) entered into force, the first accusations were made public, decisively changing privacy worldwide. The message spread is that for most industry sectors it will be cheaper to develop their products and services in a way that they are most conform to worldwide standards, instead of considering geographical data protection restriction.

TREND 5: The skills shortage in cybersecurity will distort the labor market

The importance of cybersecurity has increased, but there are not enough skilled personnel to cover the labor demand in this area. In 2020, 1.5 million professionals could be missing worldwide, and until 2021, these numbers could even double according to estimates. This makes inevitably not only cybersecurity more expensive but has an impact on supply chains as well that connect big and the smaller companies together economically.

TREND 6: "Red Team" tests and agile security win general acceptance

The terms "Red Team" test and "holistic test" have their origin in the area of penetration testing: "Red Team" simulates how on attacker penetrates a business under real conditions by exploiting existing weak points to get access to resources. While vulnerabilities can be exploited on devices, applications and infrastructures, "Red Teams" even simulate subjects like social engineering, hijacking from social media, the physical access to a building or – in extreme cases – employees with malicious intentions. In the contrast to conventional pen testing, ‘red teaming’ tries to understand how these factors play together and don’t look at them separated from each other. Agile safety tests are getting more attention as well, which aim to eliminate as many vulnerabilities as possible when developing new software.

TREND 7: Cybersecurity decides over winners and losers of the digital economy

The modern world evolves fast to a digital, knowledge-based "Industry 4.0" economy. This change has a similar effect on us like the industrial revolution in the 19th century and must face the basic challenge as well to guarantee security, namely providing necessary resources and respecting global standards.

By Daniela La Marca