Trend Micro’s 2020 Predictions – Escalating Cloud and Supply Chain Risk

by | Nov 21, 2019

2020 Trends

Trend Micro Incorporated today announced its 2020 predictions report, which states that organizations will face a growing risk from their cloud and the supply chain. According to Trend Micro’s 2020 predictions, the growing popularity of cloud and DevOps environments will continue to drive business agility while exposing organizations, from enterprises to manufacturers, to third-party risk.

“As we enter a new decade, organizations of all industries and sizes will increasingly rely on third-party software, open-source, and modern working practices to drive the digital innovation and growth they crave,” said Nilesh Jain, Vice President, Southeast Asia and India, Trend Micro. “Our threat experts predict that this fast growth and change will bring new risks of supply chain attacks. From the cloud layer all the way down to the home network, IT security leaders will need to reassess their cyber risk and protection strategy in 2020.”

Trend Micro’s 2020 predictions

Attackers will increasingly go after corporate data stored in the cloud via code injection attacks such as deserialization bugs, cross-site scripting and SQL injection. They will either target cloud providers directly or compromise third-party libraries to do this.

In fact, the increasing use of third-party code by organizations employing a DevOps culture will increase business risk in 2020 and beyond. Compromised container components and libraries used in serverless and microservices architectures will further broaden the enterprise attack surface, as traditional security practices struggle to keep up.

Managed service providers (MSPs) will be targeted in 2020 as an avenue for compromising multiple organizations via a single target. They will not only be looking to steal valuable corporate and customer data, but also install malware to sabotage smart factories and extort money via ransomware.

The new year will also see a relatively new kind of supply chain risk, as remote workers introduce threats to the corporate network via weak Wi-Fi security. Additionally, vulnerabilities in connected home devices can serve as a point of entry into the corporate network.

Amidst this ever-volatile threat landscape, Trend Micro recommends organizations:

  • Improve due diligence of cloud providers and MSPs
  • Conduct regular vulnerability and risk assessments on third parties
  • Invest in security tools to scan for vulnerabilities and malware in third-party components
  • Consider Cloud Security Posture Management (CSPM) tools to help minimize the risk of misconfigurations
  • Revisit security policies regarding home and remote workers 

RELATED STORIES

Cybercriminals are now discussing how to hack IoT devices: Trend Micro


To read the full report on Trend Micro’s 2020 predictions, The New Norm: Trend Micro Security Predictions for 2020, please visit: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2020.

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles