2018 Predictions...Bugger that, let's look at what we got right/wrong for 2017 :)

Just got asked to put the 2018 predictive hat on...BUT before I do that I want to look back at what I wrote for this year and take an objective (ish) look at how well I read the tea leaves :)

We will baseline with the following:

Wants:

  • Secure design, it is NOT too much to ask for, but it seems too much to be able to deliver. (Nothing changed here, STILL want this!)
  • Honest executives who stand up and take responsibility for being breached IMMEDIATELY. (Couple have, most have still hidden behind a veil of BS)
  • Those very same executives to actually take action BEYOND the first 6 months POST breach. (Yea, not happening here IS IT YAHOO/Etc.)
  • When sales or marketing want a new Cloud service…they actually INVOLVE IT/InfoSec. (Seen more of the collaboration here)
  • Threat intelligence that makes sense AND is usable in a timely manner. (Didn’t I build one?) (Nope, still a mess)
  • People to stop using 123456, Password1 and other bloody useless codes to defend their assets. (Nope, we are still password stupid)
  • Retail, financial, healthcare and other industries hit…when will someone p0wn the lawyers? (Lawyers starting to get hit w00t!!!)
  • Intelligent AI…actually something that works…although possibly I don’t want this? (Hmmm, this IS starting to make its presence felt....)
  • Something that actually stops me from moving away from the first computer we break into. (STILL working on this...)
  • A system my grandmother can use that REMAINS secure past the date of purchase. (Nope, still not there...)

Predictions:

  • All your toasters belong to…NOT YOU (same goes for your fridge, microwave and crockpot.) (Oh yea, IoT hacks and BotIoTNets...got this one :)
  • Not only is your PC encrypted and ransomed, so is your NEST, Samsung TV, LG Fridge, etc. (Ish, ransomware on IoT and portable still not there..damn!)
  • We keep hearing that there are shortages in our field; we will continue to feel the negative effects. (Yep, this one's hurting AND will continue to do so...)
  • 123456 becomes 124356, integrity of your data is questioned based on the undetected attacks. (The concept of data integrity IS now an issue....yea!)
  • All your IT is run by your business units. The cloud disseminates the IT’s ability to manage data. (Yep, coming into its own as more and more of an issue...)
  • All our data still doesn’t make sense…data analytics and modeling still has a long way to go. (Arguably we still generate more data than we can comprehend?)
  • Managed security services will continue to grow; all MY problems become YOURS (hopefully.) (Yep, MORE and MORE getting into the VSOC world)
  • The ability for LE around the globe to continue to collaborate on key issues WILL grow. (Ish, need others to chime in here...)
  • Blockchain and Bitcoin: get used to those two words…they will continue to evolve and grow. (Yea, I win the buzzword bingo on this one!)
  • The continued evolution of the attackers' Swiss Army knife of leased/purchased exploit avenues. (Unfortunately yes, this one is a nasty reality...)
  • The evolution of non-traditional security. The Stack we have doesn’t work, time for something new. (STILL have a LOT to do before we kick reactive security out...)
  • IF Amazon or anyone fully realizes drone delivery then watch drone-jacking become “a thing.” (Dammit, still hoping this one comes true in 2018 ;-)

Thanks folks :)

2018's list will be out soon-ish :)


Patrick Connery

Compliance | Security | Transparency | Management | Sales | Operations | Girl Dad | SaaS | Efficiency

7 years ago

Great read. I'd like to add my 2 cents: In 2017, cybersecurity budgets were too small to be effective (try moving a mountain with a spoon). In 2018, cybersecurity budgets will get a 5% increase and still be ineffective (try moving the mountain with a slightly larger spoon). The realization that technology puts a business at grave risk is still not realized by executives. If the goal is to be secure, people need to understand their conveniences will go away and they'll be working in an ACTUAL secure facility. Until then, employees will continue to connect their dirty personal devices to the company Wi-Fi, charge them over USB at their work computer, and click on literally everything. Admins will continue to be lazy, all users will remain admins, and the door to the server room will have the code 1-2-3-4. Oh, and machine learning/AI will identify all of these problems, but nothing will change :)

Good shot on '17. Looks like we will have a promising '18
