The Cyber speaks: What will actually happen in 2020

The only true way to predict computer security is to hear from the machines themselves.
2020 cybersecurity predictions
3d rendering ai artificial intelligent robot hand point hand in to the rising graph with virtual mixed augmented reality for predict growing growth in future 2020 for business development to success (Getty Images)

Editor’s Note: It seems like the entire cybersecurity sector has something to say about what the future holds for 2020. But what do the computers themselves think? Kelly Shortridge, VP of product strategy at Capsule8, forced a bot to read more than 1,000 cyber security predictions for 2020 and then asked it to write predictions of its own. Here is the result. The article is all generated through Markov chains and is only super lightly edited for clarity.


The year 2020 indicates more years. The year 2020 expects to showcase more budgets and detecting weird things and anomalies. 2020 will very likely bring a greater risk. There is a lot of skepticism that has existed for years, but in 2020 we will have to consider that top security conferences could lead to even disasters based on the activities of ‘undesirable’ individuals.

Looking forward, 2020 promises to be the easiest vector of attack vectors. Rather than trying to gaze into a crystal ball, research firm IDC estimated that hackers are important to us. It is just a matter of time before some attackers don’t care.


Technological advances in AI and machine learning will offset increasing cloud expertise. Deep fakes will ransomware targets in the Cloud. Nations will need to understand DevOps software development and adoption of AI as part of their digital transformation and propaganda. Large scale, multi-vector Gen Z cyber attacks will make headline news and cast doubt on the private industry. Data will consolidate and extend their spheres of influence.

Don’t be chilled by what you don’t know. You ain’t cybersecurity.

We should cite Clausewitz’s dictum, “War is merely the continued reliance on traditional security practices.”

Prediction #1: Growth of Zero Trust A(I)ttacks

When exactly did cybersecurity with AI in enterprises today? The year 2020 expects to see an increase in the preventative approach of deep learning environments, which will become outdated and dangerous. TTPs will continue to evolve cyber threats; we’ll fight AI with AI. Drones hovering outside office windows will discuss ML and AI to combat the threat landscape. These AI will announce a strike over Twitter, the first monumental disruption in 2020.


Real-time data and analytics and machine learning and AI creates unpreparedness by corporations and Big Tech companies. Managed detection engines are built on human made logic, but keeping this up-to-date against the latest studies costs almost three million cyber security. Perhaps the most attention raised by increasingly employed AI-based solutions is our need to reconsider our notions of what makes a mistake.

Our lives will continue to escalate, and so will the steady migration of AI algorithms to become more money. Companies should encourage their teams to lift their maturity and look for modern ways of doing things, such as leveraging AI to implement solutions that help attackers. However, AI won’t only enable malware, but also dramatically be a harbinger for the cyberthreat landscape. AI will move undetected across complex digital infrastructure (CI) and open doors to threats.

Scammers will continue to be one of the most difficult problems to tackle and will use more sophisticated techniques, like AI, to break into well-protected systems. Without any packaged-up, off-the-shelf solutions to help detect these ever-growing AI and ML solutions, adversaries will make huge progress. With AI, the same adversary could target 20 companies and add billions of interesting cybersecurity regulations. This topic will command headlines month after month, and unfortunately, we will be worse for it.

We should cite Clausewitz’s dictum, “War is merely the continuing educated guesses based on artificial intelligence.”



In 2020, the ever-popular cloud-based, resilient architecture comes into focus. Every year irrespective, any reduction in transportation, energy, defense, aerospace, healthcare, manufacturers, enterprises will have to continue because it will become the cloud offerings. The Cloud Continues to be a promising service.

2020 will see the continued integration of digital transformation. They must be diligent in ensuring they protect their systems, especially moving to the Cloud as part of their digital transformational.

Preventing cloud compromises will require a cross-generational blend of multilayered and connected defense powered by security mechanisms such as the DevelOps. Companies are not synchronized with the DevOps. Security of their workloads in the cloud remains low. Any given cloud at any given time has at least 14 zero-day attacker-controlled lightbulbs (they make them blink SOS in Morse code).

Typical Public Cloud accessible systems are complex and esoteric. Everything is more computers. The Cloud continues to be the easiest vectors that present new wrinkles. The smallpox of cybersecurity is very fragmented, meaning across multiple clouds. That’s something we also believe is probably being overlooked. Unfortunately, most companies maintain both on-prem and cloud environments.

DevOps will increase as sophisticated attacks hit the on-prem world. The year 2020 will be for those who can match the needs of various groups who compromise the DevOps pipeline. 53% of security workers report that their team’s understanding of DevOps software development was largely thought of as a linear progression. Unfortunately, there will be a rise of New Zero-Day Exploits that result in the steady migration of digital transformational benefits.


When ubiquitous, the Google Cloud will create a virtually insurmountable layer of compliance. API keys will be floating around our neighborhoods, office buildings, and other public spaces. A new breed of data at scale. In the near-term, the threat is the array of consumer data being released into the DevOps pipeline. Business Email Spoofing has previously cried wolf with allegations of data on the cloud. In 2020 and beyond, they will continue to deploy DevOps build/release/run technology, which leaves them vulnerability. In order for us to defend, we need to insert the security realm, quantum communications, in containers.

Criminal organizations will adopt a cloud-first approach. Too many organizations, including APT33, APT34, and TEMP.Zagros, will shift strategies to adopting integrated intelligence into the DevOps process. For example, the abuse of packages and libraries that use cloud service literature. This model cashes in on the wide attack surface for misconfigurations, observing anomalous behavior within cloud applications in that old medium known as “smoke and mirrors.”

And it’s a matter of time before some attackers draw the line by avoiding DevSecOps. According to the FBI, businesses have lost $26 billion in the past few years. This is due, in part, to the global adoption of DevSecOps and shapeshifting. It will have profound implications for the good guys; we cannot let the bad guys have the sophisticated movements and contemporaneous event streams. One estimates up to 95% of compromising situations are due to DevSecOps. There’s no end in sight for this crisis.

We should cite Clausewitz’s dictum, “War is merely the continuation of the evolution in cloud security.”



In 2020, we will likely develop new and more connected things in 2020. Gone are the days of networks isolated behind a company firewall and a limited stack of enterprise IoT devices. There are many IoT devices, smart homes, and more devices becoming connected. As this is a well-established backdoor into our lives, we must see a steady growth of IoT-related attacks. We have already.

State-sponsored botnets of compromise will increase. In 2020, we expect to see nation state military cyber operations against cryptography, which will become a necessity for all aspects of malicious activity in the IoT network. Governments and the nation-state groups may seek opportunity for compromised devices like smart TVs and speakers to snoop on data access requests (DARs) remotely. We expect to see state actors looking to transfer large amounts of information on those devices to stream videos or host malware on a computer every 39 seconds on average.

We believe industrial processes will be used to install malicious activity in the name of innovation without loss of control. Smart buildings and smart cities will more than double to nearly $2.1 billion, according to Gartner. Connected buildings will account for 81% of all connected things in the nation.

Incomplete or defective patches can be bypassed to exploit IoT security sensors, intelligent streetlights, and smart meters with modified firmware. For sensitive leaks, for instance, someone could pose as an electrician to gain physical and cyber.

Our prediction around OT cybersecurity is that drone-based network attacks will continue in 2020. Drones equipped with specially fitted hardware and software and hardware and software platforms or systems may be parked on the roof of a building’s OT system. Drones equipped with a device like a WiFi Pineapple can be placed in proximity to a targeted company for exploitation of a previously undisclosed vulnerabilities in containers. The future holds so many possibility.


Because of all the threats, there’s a huge market for counterfeit components and cloned products, increasing the threat of using ‘defense in depth’ – multiple layers of controls where staff are locked out of their computers. Expect to see demand for new information security fatigue as more and cheaper chips and components drive booming business. While we can expect the shift from legacy CPU architecture, we anticipate there will be cyberattacks on these next-gen processors




Be aware of it pioneering the all data lifecycle. It’s time I gather the smart cities.


We should cite Clausewitz’s dictum, “War is merely the only way to monetizing IoT network attacks.”

Prediction #4: 5G offers unprecedented data theft speeds

The newest cellular standard, 5G, is rolling out across the world in response to the global success of the cyber arms race. The year 2020 will see a rise in the adoption of 5G, however, it may end up being the catalyst for a radical paradigm shift to unprecedented data theft. Gartner estimates at least 40% of IoT-created data is now stored, processed and analyzed to create many victims at 5G speeds. With the advent of 5G, even more data will be carried out to eavesdrop, take control of, and even passports.

5G tech is so important because it will deliver blows slowly, stealthily, and virtually. Both cell towers and Wi-Fi access points could increase sophisticated criminal scams such as GDP. The CEOs of Amazon, AT&T, Dell, IBM, and others will conceal locations more than ever before. The bandwidths that 5G enables will drive espionage in situations, once autonomous functionality provides a reasonable amount of time to execute codes. Nations will need to adapt accordingly.

Ultra-fast 5G networks across all industry should never be exposed to the public internet. The more reliable connectivity and lower latency will work in the favor of determined attackers wishing to transfer exponential gains in IT security or privacy. Imagine being able to download a 2-hour malware in less than one minute. We’ve only seen the tip of the iceberg.


Data volumes skyrocket with 5G – talk is up about 150% in 2019 alone. Basically, this has generally incremental improvements in speed and evolution. However, this is not without cost or risk. We should expect to see new types of “voishing” attacks, making voice a new weapon of choice. Imagine receiving an urgent call or voicemail from your “boss,” asking to steal customers. As a result, we are going to see a lot more voice-related attacks in regions that lie along the trade routes between Asia and Europe.

It’s possible that we will see changes to legislation. Nevertheless, readiness.

We should cite Clausewitz’s dictum, “War is merely the cohesion of 5G wireless to malfunction a nationwide digital.”


In 2020, autonomous vehicles (AV) will be brought to a standstill. The year 2020 expects to see an increase in their use of this threat. Cyberattacks causing cars to malfunction are not off limits to foot and vehicle traffic. Unfortunately, wireless vehicle communicated to both cell towers and to Wi-Fi access points located through phone calls with spoofed accents and vocal patterns bypass standard security ecosystems.


Recent Ponemon research has found that nearly 20% of organizations rolling out a luxury car with sharing of privileged accounts lose control through simple misconfigurations. Wireless vehicle controls will be corrupted or poisoned with malicious third parties who wish to provide a reasonable amount of leaked data. Flaws and weaknesses involving the deserialization of untrusted data will be a major concern, particularly in enterprise applications, like Grindr, used directly by vehicle-based systems.

Strength in cyber security buzzwords will also be used to install malicious malware on systems or could turn the engine off while driving at high speed. In the next few years, once autonomous vehicles become more prevalent in account takeover, attackers could turn the engine off while driving to elections. Still, connected to the internet of Things (IoT), we will also see other cyberattacks causing cars to malfunction before they lose control rapidly. The same exact concern applies to other autonomous or connected vehicles, such as trucks, trains and airplanes, which could in turn create a negative feedback cycle.

As autonomous trucking becomes more widespread, interest among cybercriminals will become so damaging that the FBI will soften its stance on paying ransoms. Likewise, they may struggle with Niels Bohr, the leader of the criminal operation of long-haul trucking. IT teams alike should be helping isolate digital vehicle hijacking, and even interrupt or disable autonomous cargo trucks. The security of connected cars and autonomous trucking will become more widespread by forging elements – for instance, the usage of cyber spotlight.

We should cite Clausewitz’s dictum, “War is merely the re-emergence of some spectacular car crash synergies.”

Prediction #6: Ransomware is, unfortunately, the most obvious.


The year 2020 will be the ransomware attacks. Research has shown that the threat is the ‘ignorance’ – which is cryptocurrency. With the decline of cryptocurrency accounts, attackers will make use of the established banking community. New online banking and payment data would now be wielded by an adversary activity. One thing’s for certain – illegal fees as well as rewards will join forces. Despite its soaring revenues, it must rebuild a damaged customer base.

Ransomware’s efficacy is, by-and-large, due to its speed – it can simply move faster than society’s ability to deal with their ethics. Society has become an afterthought, leaving major vulnerabilities for self-driving cars, remote robotic surgeries, and human bodies. However, the next-generation of society reduces the barriers to entry for the new wave of cyber criminals. We’ll start to suck a little less.

Our prediction is that 2020’s next attack is novel and may be a harbinger for unspecified targeted ransomware. Recently, untargeted “shotgun blast” ransomware has plateaued with attackers showing preference for targeted attacks using of deepfakes. Insider threat intelligence operations teams will create dedicated executives in remote locations that lie within the Darknet to conceal their operations.

The widespread ransomware cases that have grown in intensity over the past year demonstrates that 53% of these accounts impersonate an identity (human or non-human) via DeepFake technology. These attacks will become commoditized, highly disruptive attacks that will seek to bypass all of the security outcomes. Even the typical spray and pray ransomware authors will most likely prepare for them.

Cyber-criminal attempts to use ransomware threatening industrial machine learning to combat supply chain for computers and tablets will be on the rise. Attackers will start discovering more UEFI malware and put up for sale on the dark web, their malware families competing for dominance. Ransomware in Linux infrastructure that was brought about by the public will immediately be made private. We’ve seen extremely virulent strains of this malware present unique challenges of security programs to develop security metrics to track success and provide meaningful reports to the board.


The audit side of this threat is where APT tools all look alike and TTPs can be identical twins or family members. Organizations will look to the same failed strategic collaboration and actively lay the blame on someone else. And we will continue to see the rise of cyber insurance industries whose business model is to cash in on the wide attack surface.

We should cite Clausewitz’s dictum, “War is merely the continued reliance on userland malware and living off the land.”

Prediction #7: The End of End-User Elections

In 2020, we expect to properly understand how we realized that we are terrible. Political adversaries will look for a reality. It will be fake news 2.0. Drones hovering outside office windows will hijack a Bluetooth mouse to silently install malware on systems to tally who is our next president. We will all be waiting breathlessly long after the final vote has been tallied to learn if the U.S. has suffered a social media.

The effort put into continuously generating a sense of chaos and attempting to discredit candidates and push inaccurate political process is the primary threat to democracy. It’s very likely that we will see an increase in the targeting of state and local voter databases with a goal of creating voting havoc and triggering voter fraud, potentially undermining leadership for our next slate of elected representatives.


Cyber operatives allegedly attempted a cyber operatives allegedly attempted a cyber operatives allegedly attempted a cyber operations against voters and coffee.

Election hacking has implications of Russian interference in US elections. In 2016, the U.S. suffered a breach of about 383 million key decisions, creating serious havoc. Russian-speaking APT (advance persistent threats (APTs) will continue to escalate, so there will be no turning back the clock. However, regulators will protect the 2020 election – forcing the sieges of all the world to snoop on the globe. China’s Belt and Road Initiative (BRI) will drive urgency. The BRI is a large-scale breach.

As a result, traditional playbooks stipulate geopolitical conflicts are now more expensive. The next generations present opportunity for threat actors to refine cyber operations. Nation-state cyber units will increase the use of AI to analyze defense mechanisms and tailor attacks to specific weak areas. Nation-state programs use the same 1-day exploits, often deploying off of a rival’s infrastructures for proxy conflicts. Introducing a second factor does add a layer of complexity in the context of ongoing armed conflict. A failure can enable a multiple nation collision after at least 14 exploits.

In 2020, we will see U.S. forces create synergies by blending cyber operations. The problem is that attackers will exfiltrate non-conventional military force in response to a cyber attack on National Aeronautics and Space Administration (NASA) Jet Propulsion Laboratory. However, due to the sustained outage, law enforcement will be forced to quell looting and rioting when a cyber attack hits us in the past (with “20/20 hindsight”). U.S. citizens will riot due to their own VPN services more than ever before. Yes, all this sounds futuristic, but it is devastating in scope and capability.

We should cite Clausewitz’s dictum, “War is merely the disinformation factories and data refineries.”


Prediction #8: More Security Officers will get WORSE

In 2020, major corporations will collect information security officers. A recent survey has shown that some may require decision-makers and coffee to see what we do as security in 2020. However, CISO job descriptions lack a critical skill set – the ability to bring strategic value to an organizations. The CISO must answer when the board asks, “Are we secure? Are we doing the right skillsets to combat this threat?”

Enterprise executives will be concentrating their budgets – 69% of cybersecurity budgets have increased by 141% from 2010 to 2018 – and the C-suite will find themselves in a dual predicament. Research will conduct an airstrike on Chief Data Officers (CDOs), causing much heartburn for CISOs. Without equally fast defenses in place, no one will withstand the power of swarm-based attacks against CIOs and CISOs. It’s less to do with replacing bodies and more about the organization’s wallet.

There is a shortage of resources who truly understand the sensitive data. The shortage of cyber experts will continue to use slow and patchy coffee shop Wi-Fi connections. In 2020, IT security is not going to have any chance to pause and think. As a result, we foresee demand for more and more organizational frameworks. Version 1.0 of the framework will be available in cities and countries around the world. CISOs will have to establish plausible deniability and focus on modeling.

In 2020, packaged-up, off-the-shelf solutions will increasingly complex cybersecurity fatigue. 2020 will see an ever-increasing amounts of information and event management and IT monitoring. A next-generational burden for SOC employees will entail the SOC’s new encyclopedia: MITRE ATT&CK. The CISO will not be safe from the growing nightmare. Basically, cybersecurity is an authoritative government of water-witching.


CIOs and CISOs will need to be cognizant that they could be the cause of users still using silly and insecure passwords, because the industry has finally realized that we are terrible at validating online identities. For 2020, the CISO role will continue to increase the use of socially-engineered cyber impersonation as an identity. A CISO really needs to mean more than an insider threat. Sean predicts CISOs and CISOs will be anti-virus software supplier auditing systems.

CIOs and CISOs will build influence and emissaries, and have teachable moments to bring everybody around to understand the similarities and differences, focusing on pain and the tedious work. For 2020, they will establish common ground: good data stewardship across the board. Consumer backlash makes privacy slip-ups and accidental disclosures catastrophic security incidents – and we expect that to continue into 2020.

We should cite Clausewitz’s dictum, “War is merely the continued reliance on data when making key decisions that have broader societal implications.”


Humans suck at security and data protection. We rely on them. Accordingly, enterprises must race to lock all of the security. Nothing is more difficult to do.


Finally, this blog only exists for space programs and disruption.

We should cite Clausewitz’s dictum, “War is merely the marketing, deployed.”

Kelly Shortridge is Vice President of Product Strategy at Capsule8, an enterprise Linux protection company. Kelly is known for research into the applications of behavioral economics to information security and has spoken at conferences internationally, including Black Hat USA, Velocity, AusCERT, Hacktivity, TROOPERS, and ZeroNights. Previously, Kelly served in product roles at SecurityScorecard and BAE Systems after cofounding IperLane, a security startup that was acquired. Kelly began their career as an investment banking analyst at Teneo, covering the data security and analytics sectors.

Kelly Shortridge

Written by Kelly Shortridge

Kelly Shortridge is Vice President of Product Strategy at Capsule8, an enterprise Linux protection company. Kelly is known for research into the applications of behavioral economics to information security and has spoken at conferences internationally, including Black Hat USA, Velocity, AusCERT, Hacktivity, TROOPERS, and ZeroNights. Previously, Kelly served in product roles at SecurityScorecard and BAE Systems after cofounding IperLane, a security startup that was acquired. Kelly began their career as an investment banking analyst at Teneo, covering the data security and analytics sectors.

Latest Podcasts