2018 Security Predictions (Part 2)

A DZone researcher talked with executives and experts from across the cybersecurity industry to get their predictions for the field in the coming year.
Given how fast technology is changing, we thought it would be interesting to ask IT executives to share their thoughts on the biggest surprises in 2017 and their predictions for 2018.
Here’s the second of six articles (you can see Part 1 here) sharing what they told us about their predictions for security moving forward. We’ll cover additional predictions for 2018 in future articles.
Machine Learning and AI will continue proving their worth in the security space. The shock and awe have faded, and now we are really seeing effective applications of these technologies that go beyond marketing buzzwords. Another area that will see more support from vendors is shared threat intelligence. This has always been a challenge, maybe more so in the private sector than the public sector, and security vendors are weaponizing threat intel, either from within their customer pool or across vendors, to better equip customers to address potential threats. Both of these areas will help push us more towards frictionless security workflows that enable a more risk-based approach to safeguarding digital assets. OneLogin is embracing this not only as part of our product offerings but also for our own security programs.
In 2018, we will see more breaches at organizations that do not have an integrated, top-down approach to cybersecurity. After seeing the heads of Yahoo and Equifax in front of Congress, I suspect that CXOs and boards of directors will put extra focus on cybersecurity impacts, leading indicators, and best practices. An emphasis will be placed on cybersecurity education, and the dangers of common, less effective approaches to cybersecurity will become apparent. These same roles will also need to focus on institutionalizing and monitoring these best practices, as seasoned cybersecurity talent is scarce.
Unfortunately, I fear that there will continue to be substantial security breaches and issues in 2018, especially as more IoT devices flood the market. This will result in more regulatory discussions, which I hope actually help increase resiliency. AI/ML will be the buzzwords du jour at the major security conferences, but only a few vendors will actually be able to back up their claims.
Ransomware has evolved multiple times in 2017 with the popularized “WannaCry” variant. Ransomware in 2018 will continue to evolve due to its continued profitability for malicious actors.
However, being impacted by Dynamic Denial of Service (DDoS) attacks in the form of the Mirai-Dyn attack was something we didn’t expect. While botnets aren’t new, the size of this botnet was able to significantly degrade services or create outages for web services. Newer botnets like Reaper could be just as impactful, or more so, for organizations that heavily rely on SaaS and cloud services.
Wire fraud is expected to continue because of the large payoff for a malicious actor if they are successful. Malicious actors spend a lot of time silently searching for potential attack vectors they can use. These attack vectors are unique to every organization, but many of them do start with a hurried fraudulent email from your CEO asking you to send out a wire transfer.
The Equifax breach may potentially open up more tax fraud cases due to the large amount of Personally Identifiable Information (PII) that was breached. Tax Return Fraud is hard to detect until after you try to submit your own tax returns and receive a letter from the IRS indicating the problem.
While the Equifax breach was a significant breach, it will not be the last breach we see. Organizations are not purposefully negligent, nor do they have a desire to disrespect the sensitive information they use to run their business. The problem is that there are so many points in an organization where hidden gaps can exist. Two common examples that we see today are poor application code or design and misconfigured cloud environments. During the post-breach retrospective events, the gaps are often not complicated and point back to basic technical controls.
Identity theft will likely continue to rise as more of our PII and Personal Health Information (PHI) is breached. Sadly, the new reality that many people face is that they’re now desensitized by all the breaches, which, because we cannot regain our privacy, might mean they become careless about protecting it even further.
Internet of Things (IoT) devices are beginning to saturate corporate organizations as well as see continued adoption from consumers. These devices seek to automate and simplify our lives; however, they are often neglected when it comes to administratively maintaining them. While a vendor may recommend applying new firmware updates, they are not applied unless the device starts misbehaving and someone applies the update to troubleshoot the issue.
The last type of threat is the prevalence of fake or phantom social media accounts that are used to push a political or organizational agenda. These types of “marketing” campaigns are expansive and there are currently no systems to separate real user opinions from paid responders. While Reddit is the most common example, this type of behavior is also seen in Amazon product reviews. Amazon has updated its policies to combat this, but the fight for the authenticity of online reputation and opinion is far from over.
