4 wince-worthy consumer cybersecurity trends (and hope)
Last week, we published an IoT security regulations update, which shows that governments around the world are wrestling with what to do about rogue devices in homes. This is just one indicator that we're becoming more aware of a snowballing problem: increased connectivity leads to increased IoT security risk. Here are four more wince-worthy consumer cybersecurity trends that just may inform your next career move, device purchases, and online habits.
Trend 1: Cybersecurity talent shortage
DarkReading reported that between 2017 and 2018, U.S. cybersecurity job postings on Indeed.com increased by 7%— while the number of clicks on those listing dropped by 1.3%. (Ireland's postings increased by 18%, and India's a whopping 39%.)
How many jobs are we talking? Last year, CNBC cited 350,000 open positions in the U.S. and that, globally, 3.5 million cybersecurity jobs may go unfilled by 2021. As a recent Wall Street Journal article put it, "Companies like Palo Alto Networks and IBM scramble to hire hundreds of thousands of corporate hackers to defend networks and data."
The bright side: Also in the article, Wall Street Journal reports that these companies are implementing training programs (no prior experience required) and university partnerships. Offering six-figure salaries, cybersecurity roles just may be an example counterbalance to the negative technological effects on the job market, such as automation displacement.
Trend 2: Digital threats get physical
Trend 3: More credential dumps
Trend 4: Bye bye, captive portal
If you've used public WiFi in coffee shops, airports, libraries, restaurants, or hotels, you'll be familiar with getting stopped by a webpage asking you to agree to terms and conditions, log in, and/or pay before you're granted internet access. These are called "captive portals," and they actually abuse an old network security weakness by effectively pretending to be a server to which you're connecting. The rise of encrypted web and new protocols that don't have an unencrypted variant (such as the new HTTP/3 standard, which will soon be serving you websites) will have a noticeable impact on the captive portal: The encrypted web is going to abolish this impersonation vulnerability, so we can say farewell to captive portals.