This document summarizes 10 cyber security trend reports for 2019. Common trends identified across the reports include rises in crypto mining, state-sponsored attacks, security skills shortages, Internet of Things risks, cloud provider attacks, supply chain attacks, phishing as the primary attack vector, and increased regulations. The reports also highlight the importance of user awareness, basic IT hygiene, incident response readiness, and having adequate security resources.

1. CYBER SECURITY
2019 CYBER SECURITY TRENDS
REPORTS SUMMARY
VERSION: 1.4
DATE: 10/07/2019
AUTHOR: SYLVAIN MARTINEZ
REFERENCE: ES-CST
CLASSIFICATION: PUBLIC

2. 2
• Presentation goal;
• Review scope;
• Enisa;
• BAE systems;
• Checkpoint
• Cisco;
• Fireeye;
• Symantec;
• TrendMicro;
• Thales;
• Microsoft;
• Crowdstrike;
• Common security
trends;
• Key take away.
CONTENTS
PUBLIC
CONCLUSIONREPORTSCONTEXT

3. PRESENTATION GOAL
3
LEARN ABOUT THE COMMON
SECURITY PREDICTIONS
3
LEARN ABOUT THE REPORTS
MAIN PREDICTIONS
2
LEARN ABOUT ABOUT
SECURITY TREND REPORTS
1
TO LEARN ABOUT MAIN 2019 SECURITY TRENDS
CONCLUSIONREPORTSCONTEXT
Icons: from The Noun Project unless stated otherwisePUBLIC

4. REVIEW SCOPE
4
CONCLUSIONREPORTSCONTEXT
PUBLIC
LOOKING AT 10 OF THE MOST POPULAR CYBER SECURITY REPORTS PUBLISH FOR 2019
SOME REPORTS ARE PREDICTIONS FOR 2019, SOME ARE LOOKING BACK AT 2018'S THREAT
TO PROVIDE INSIGHT INTO 2019 UPCOMING THREATS
BAE SYSTEMS CHECKPOINT CISCO FIREEYEENISA
TRENDMICRO THALES MICROSOFT CROWDSTRIKESYMANTEC

5. 5PUBLIC
ENISA THREAT LANDSCAPE
REPORT 2018
PUBLISHED JANUARY 2019
THE EUROPEAN UNION AGENCY FOR
NETWORK AND INFORMATION
SECURITY
139 PAGES
MAIL AND PHISHING HAVE BECOME THE PRIMARY MALWARE
INFECTION VECTOR
1
EXPLOIT KITS HAVE LOST THEIR IMPORTANCE2
CRYPTOMINERS INCREASINGLY GENERATING MONEY FOR CYBER-
CRIMINALS
3
STATE-SPONSORED ACTORS INCREASINGLY TARGET BANKS USING
SIMILAR TECHNICS AS HACKERS
4
SKILL AND CAPABILITY BUILDING ARE THE MAIN FOCUS OF DEFENDERS5
THREAT INTELLIGENCE GENERATED IS TOO TECHNICAL FOR
MANAGEMENT
6
THREAT INTELLIGENCE NEEDS TO IMPROVE AUTOMATION7
IOT EMERGENCE IS CONTINUING TO BE A CONCERN8
THREAT INTELLIGENCE SOLUTION DIFFICULT FOR SME9 NO NEED FOR REGISTRATION
https://www.enisa.europa.eu/publications/enisa-
threat-landscape-report-2018
ENISA SUMMARY
CONCLUSIONREPORTSCONTEXT

6. 6PUBLIC
ENISA INFOGRAPHY
CONCLUSIONREPORTSCONTEXT

7. 7PUBLIC
BAE SYSTEMS 2019 CYBER
THREAT PREDICTIONS
PUBLISHED DECEMBER 2018
BAE SYSTEMS PLC IS A BRITISH
MULTINATIONAL DEFENCE, SECURITY,
AND AEROSPACE COMPANY
9 PAGES
BANK NETWORKS WILL CONTINUE TO BE THE MAIN HACKER TARGETS1
ATTACKERS WILL SHIFT TO TARGETING SYSTEMS THAT ALLOW REALTIME
SETTLEMENT OF FUNDS
2
2019 MAY SEE FINALY THE DEATH OF THE PASSWORD3
EMERGENCE OF ANTI ARTIFICIAL INTELLIGENCE ACTIVISTS GROUPS4
2019 MAY BE THE YEAR BITCOIN CRASHES5
MORE REGULATION CASES AND PRESSURE ON KYC RELATED INDUSTRIES6
RISE IN SHORTAGE OF CYBER SECURITY PROFESSIONALS7
NO NEED FOR REGISTRATION
https://www.baesystems.com/en/cybersecurity/featu
re/five-cyber-security-predictions-for-2019
BAE SUMMARY
CONCLUSIONREPORTSCONTEXT

8. 8PUBLIC
CHECKPOINT 2019 SECURITY
REPORT
PUBLISHED FEBRUARY 2019
CHECK POINT RESEARCH PROVIDES
LEADING CYBER THREAT
INTELLIGENCE AND NOT JUST
FIREWALLS!
68 PAGES
CYBER ATTACKS WILL CONTINUE TO BE PRIMARY ABOUT PROFIT1
RISE OF NATION STATES SPONSORED ATTACKS2
HIGHER RANSOMWARE DEMAND3
CLOUD PROVIDER WILL BE INCREASING TARGETED4
RISE OF MOBILE APPLICATION AND TROJAN ATTACKS5
RISE OF SPEAR PHISHING ATTACKS TO HIGH VALUE TARGETS6
FURTHER REGULATIONS ON DATA PRIVACY FOLLOWING GDPR7
RISE OF CRYPTOMINING AND CRYPTOJACKING8
RIGGING OF ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING
SYSTEMS
9
RISE OF IOT REGULATIONS10
REGISTRATION REQUIRED
https://research.checkpoint.com/vol-3-2019-security-
report/
CHECKPOINT SUMMARY
CONCLUSIONREPORTSCONTEXT

9. 9PUBLIC
CISCO 2019 THREAT REPORT
PUBLISHED FEBRUARY 2019
CISCO IS A U.S. INTERNATIONAL
COMPANY MAINLY KNOWN FOR ITS
NETWORK HARDWARE WITH ALSO
CYBER SECURITY SOLUTIONS
20 PAGES
RISE OF MODULAR ATTACKS ADAPTING TO TARGETS1
RISE OF EMAIL AS MAIN THREAT DELIVERY METHOD2
RISE OF CRYPTOMINING3
RISE OF MOBILE DEVICE MANAGEMENT IMPORTANCE4
ATTACKS TO CONTINUE TO BE REVENUE GENERATION DRIVEN5
RISE OF DATA EXFILTRATION ATTACKS6
RISE OF DISTRIBUTED DENIAL OF SERVICE ATTACKS7
REGISTRATION REQUIRED
https://www.cisco.com/c/en/us/products/security/se
curity-reports.html
CISCO SUMMARY
CONCLUSIONREPORTSCONTEXT

10. 10PUBLIC
FIREEYE FACING FORWARD
CYBER SECURITY IN 2019 AND
BEYOND
PUBLISHED NOVEMBER 2018
FIREEYE IS A PUBLIC U.S. COMPANY
CREATED IN 2004. IT PROVIDES
SOLUTIONS TO INVESTIGATE AND
PROTECT AGAINST CYBER ATTACKS
40 PAGES
MORE NATIONS DEVELOPING CYBER CAPABILITIES1
DETORIATING RULES OF ENGAGEMENT IN CYBER SPACE2
RISE OF DATA BREACHES3
LACK OF EFFECTIVE SECURITY RESOURCES4
RISE IN CONSOLIDATION OF TECHNOLOGIES5
RISE OF SUPPLY CHAIN COMPROMISED6
RISE IN USE OF ARTIFICIAL INTELLIGENCE IN CYBER SECURITY7
RISE IN USED OF QUANTUM COMPUTING8
RISE OF FALSE INFORMATION DESSIMINATION ON INTERNET9
RISE IN IMPORTANCE OF EMAIL AND MOBILE SECURITY10
NO NEED FOR REGISTRATION
https://www.fireeye.com/current-threats/annual-
threat-report/cyber-security-predictions.html
FIREEYE SUMMARY
CONCLUSIONREPORTSCONTEXT

11. 11PUBLIC
SYMANTEC INTERNET SECURITY
THREAT REPORT
PUBLISHED FEBRUARY 2019
SYMANTEC IS A GLOBAL CYBER
SECURITY COMPANY FAMOUS FOR ITS
ANTI VIRUS AND NOW HARDWARE
WITH THEIR BLUECOAT RANGE
61 PAGES
RISE OF WEB BASED ATTACKS1
DECREASE IN CRYPTOJACKING2
RISE IN MOBILE AND ENTERPRISE RANSOMWARE3
DECREASE IN OVERALL RANSOMWARE4
RISE IN SUPLY CHAIN ATTACKS5
RISE IN USE OF POWERSHELL IN CYBER ATTACKS6
RISE IN USE OF DESTRUCTIVE MALWARE7
RISE IN FORMJACKING FOR FINANCIAL INFORMATION8
RISE IN ATTACKS AGAINST IOT9
RISE OF GEOPOLITICAL CYBER ATTACKS10
REGISTRATION REQUIRED
https://www.symantec.com/security-center/threat-
report
SYMANTEC SUMMARY
CONCLUSIONREPORTSCONTEXT

12. 12PUBLIC
TRENDMICRO MAPPING THE
FUTURE REPORT
PUBLISHED DECEMBER 2018
TRENDMICRO IS A GLOBAL COMPANY
BASED IN JAPAN SELLING CYBER
SECURITY SOFTWARE SOLUTIONS
31 PAGES
RISE IN ADVANCE AND USE OF ARTIFICIAL INTELLIGENCE1
RISE IN ADVANCE AND USE OF MACHINE LEARNING2
RISE IN POLITICAL IMPACT OF CYBER SECURITY3
RISE OF BREACHED CREDENTIALS4
RISE IN DEPTH OF DIGITAL INTRUSIONS5
RISE IN CASES OF SEXTORTION6
RISE IN USE OF FAKE NEWS7
RISE IN LACK OF CYBER SECURITY STAFF8
RISE IN USE OF OUTSOURCING9
RISE IN IMPORTANCE OF CYBER INSURANCE10
NO REGISTRATION NEEDED
https://www.trendmicro.com/vinfo/us/security/resea
rch-and-analysis/predictions/2019
TRENDMICRO SUMMARY
CONCLUSIONREPORTSCONTEXT

13. 13PUBLIC
THALES 2019 DATA THREAT
REPORT
PUBLISHED JANUARY 2019
THALES IS A FRENCH BASED GROUP
WITH VARIOUS SECTOR OF ACTIVITIES
INCUDING CYBER DEFENCES
SOLUTIONS
32 PAGES
DIGITAL TRANSFORMATION STRETCHING BUDGET & SECURITY1
REACHING A SECURITY SPEND CEILING2
THREAT VECTORS ARE SHIFTING TO EXTERNAL ACTORS3
NO ORGANIZATION IMMUNE TO DATA SECURITY THREATS4
COMPLEX DATA ENVIRONMENT IMPACTING DATA SECURITY5
RISE IN IMPORTANCE OF CLOUD SECURITY6
RISE IN USE OF MULTI LAYERS APPROACH TO SECURITY7
DATA SECURITY IMPROVEMENT PUSHED BY REGULATION8
REGISTRATION REQUIRED
https://www.thalesesecurity.com/2019/data-threat-
report
THALES SUMMARY
CONCLUSIONREPORTSCONTEXT

14. 14PUBLIC
MICROSOFT SECURITY
INTELLIGENCE REPORT V.24
FEBRUARY 2019
MICROSOFT IS A GLOBAL COMPANY
BASED IN THE USA AND PROVIDING
SOFTWARE ARE IT RELATED SERVICES
36 PAGES
OVERALL MALWARE ATTACKS ON THE DECLINE1
OVERALL RANSOMWARE ATTACKS ON THE DECLINE2
CRYPTO MINING ON THE RISE3
EMERGING BROWSER-BASED CRYPTO MINING4
RISE IN SOFTWARE SUPPLY CHAINS RISK5
RISE IN CLOUD BASED COMPROMISE6
RISE IN USE OF PHISHING AS MAIN ATTACK VECTOR7
SIGNS OF INCREASED MALWARE ACTIVITIES IN AFRICA8
REGISTRATION REQUIRED
https://www.trendmicro.com/vinfo/us/security/resea
rch-and-analysis/predictions/2019
MICROSOFT SUMMARY
CONCLUSIONREPORTSCONTEXT

15. 15PUBLIC
CROWDSTRIKE 2019 GLOBAL
THREAT REPORT
PUBLISHED MARCH 2019
CROWDSTRIKE IS AN AMERICAN
CYBER SECURITY COMPANY
PROVIDING SOFTWARE AND
CONSULTANCY SERVICES
75 PAGES
RISE IN NATION STATE SPONSORED ATTACKS1
RISE IN ATTACKS AGAINST TELECOMMUNICATION PROVIDERS2
RISE IN ATTACKS AGAINST MANAGED SERVICE PROVIDERS3
RISE IN SUPPLY CHAIN COMPROMISES4
RISE IN BALKANIZATION OF THE INTERNET5
SPREAD OF STATES' SURVEILLANCE ACTIVITIES6
RISE IN INFORMATION OPERATION CAMPAIGNS TO INFLUENCE PUBLIC
OPINION
7
CRYPTO MINING WILL NOT INCREASE BUT STILL A THREAT8
REGISTRATION REQUIRED
https://www.crowdstrike.com/resources/reports/201
9-crowdstrike-global-threat-report/
CROWDSTRIKE SUMMARY
CONCLUSIONREPORTSCONTEXT

16. 16PUBLIC
COMMON SECURITY TRENDS
CONCLUSIONREPORTSCONTEXT
RISE OF CRYPTO MINING (EXPECT FOR CROWDSTRIKE)1
RISE OF STATE SPONSORED ATTACKS2
RISE OF SECURITY SKILLS SHORTAGE3
RISE OF INTERNET OF THINGS RISKS4
RISE OF CLOUD PROVIDERS AND SERVICES ATTACKS5
RISE OF SUPPLY CHAIN ATTACKS6
RISE OF PHISHING AS PRIMARY ATTACK VECTOR7
RISE OF REGULATIONS8
RISE OF MISS-INFORMATION ATTACKS9
DECREASE OF RANSOMWARE ATTACKS10

17. 17
UNDERSTAND KEY SECURITY TRENDS TO
BETTER ALIGN YOUR SECURITY PRIORITIES
1
ALL REPORTS HIGHLIGHT THE IMPORTANCE OF
USER AWARENESS
2
ALL REPORTS RECOMMEND BASIC IT HYGIENE3
ALL REPORTS HIGHLIGHT THE IMPORTANCE OF
INCIDENT RESPONSE READINESS
4
ALL REPORTS STRESS THE IMPORTANCE OF
HAVING ADEQUATE SECURITY RESOURCES
5
PUBLIC
KEY TAKE AWAY
CONCLUSIONREPORTSCONTEXT

18. © 2015-2019 ELYSIUMSECURITY LTD
ALL RIGHTS RESERVED
HTTPS://WWW.ELYSIUMSECURITY.COM
CONSULTING@ELYSIUMSECURITY.COM
ABOUT ELYSIUMSECURITY LTD.
ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY
VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE
RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE
SECURITY AWARENESS THROUGH AN ORGANIZATION.
ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED
THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE
INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST
SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES.
ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL
SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER
SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING
DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS.
ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE,
A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR
BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A
PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.