Cyber-Security Predictions for 2018
My 2017 in cyber; 12 months in detection and response, and predictions for 2018. Views are my own etc.
Supply Chain Attacks
The big trend of 2017 was supply chain attacks. Your attack surface extends out beyond your firewall, and compromising your key suppliers, partners, even customers represents a trusted route straight into your organisation and we saw exponential growth of these being used. As an attacker, why wouldn’t you? This trend will continue.
Vendor Bleating
Firm gets breached, cue security vendors bleating in a desperate plea for relevance. Stop it, it’s embarrassing. Feedback from my clients is that this approach does more harm than good – if you’ve got genuine insight then share it, otherwise take a step back – every breach is not about you. But on the flipside…
Buyer Turtling
Often caused by an increase vendor bleating (see above). Many vendors have powerful insight to share but as buyers it is becoming increasingly difficult to separate the insight from the bleat, and 2017 was the year of the turtle. Buyers, try to stick your head ahead above the trench and engage with those vendors who seem to be offering genuine insight in return for your time.
GDPR Not What Was Sold
Someone will get breached in late May 2018 and be the first to do so under GDPR. They won’t get a horrendous fine. Boards will wonder what all the fuss was about – our industry will take a reputational hit as the ‘boy that cried wolf’, which will set back our credibility by at least a year.
Cryptocurrencies
The bubble will burst. In the short term, perceived cryptocurrency safety is being eroded by small-scale cyber attacks – at some point an attack will spook investors who don’t really know what they’ve bought, and the whole pile will come tumbling down – if it hasn’t already done so. In the long term the infrastructure that cyrptocurrencies are built on will continue to evolve to support fintech applications. Crypto liquidity and anonymity will continue to drive ransom/extortion demands higher.
IOT
No one of any consequence cares about your internet connected toaster. However, the back-end server/control infrastructure that communicates to every toaster is fast becoming a prime target. Why hack one toaster when you can control them all? With manufacturers seeing the connected home as a land-grab race against time, one of these control infrastructures will be breached in 2018 due to security being treated as an afterthought.
Do you agree?
Kidding. Come back to me in 12 months when all/none of this has happened. Alternatively, if you’d like the technical predictions (fileless malware currently top of the list) or to talk through any of the above then contact me now for a discussion in the New Year.
Sales Manager. Cyber Security Leader | Strategic Account Development | Protecting Organisations from Digital Threats
6 年Hi Peter, very interesting, what are your thoughts? Will Trump cause an unexpected reaction?
Senior Security Specialist | Cyber Security, Cloud Computing
6 年Thought year 2017 as of rooster.
VP of Sales at Smoothwall - Supporting education institutes in safeguarding vulnerable people
6 年A very interesting read Peter! Hope all is well with you