By Fadi Albatal, senior vice president of marketing, Above Security
Things got serious for IT security in 2016. Sure, there were the usual attacks we’ve gotten used to seeing in the news, like distributed denial of service (DDoS) outages. However, there were also a wide range of threats that have evolved in the past year, like state-sponsored hacking that gained access to what is supposed to have been the most secure and classified data.
We expect these threats to continue to evolve in 2017. As to not paint too dire a picture, we also expect 2017 to be the year that consumers, companies, and governments start to forcefully fight back, evening the balance between hackers and security. Whether the resources are available to win the fight isn’t as certain.
With that in mind, here are the top five cybersecurity trends we’re tracking for 2017 and beyond.
- New Internet of Things (IoT) vulnerabilities
Almost 5,000 new smart devices are connected to the Internet every minute. With this increased connectivity comes increased opportunity for hackers. Just look at Mirai, malware that basically commandeers smart devices connected to the Web and uses them to launch DDoS attacks. In October, the Mirai code was used to enact the unparalleled DDoS attack on Dyn, the service provider for Spotify, Twitter, and many other large companies. As more and more smart devices come online, the possibility that attackers can control them — with Mirai and other code that will certainly be developed — is a huge potential vulnerability.
- As the attack surface increases, so does demand for security to cover it
It used to be people worked at desktop or laptop computers and stored their critical data on company servers. Those days seem so quaint now. Today, more and more companies, and individuals, are utilizing the cloud to run applications and store data. And they’re working with these data and applications in an increasingly mobile fashion, on a wide array of devices.
This provides benefits too numerous to list here, but sharing all this information over so many devices and locations also adds an almost equal number of security vulnerabilities. Add in the IoT devices discussed above and the access areas for hackers to exploit — the surface for potential attacks — has grown exponentially. As companies recognize this and, unfortunately, experience breaches, the demand to secure the whole attack surface will grow.
- Consumers and companies fight back
Right now it’s pretty clear: the attackers — whether hacktivists, black hats or other bad people — have the upper hand. However, 2017 is the year that companies and consumers fight back.
Customers are becoming wary of doing business with companies that suffer breaches and are letting them know with their pocketbooks. Consumers will also start to affect tighter security in other ways, demanding more protection from government agencies and from businesses themselves, when breaches do happen.
Businesses, then, have no choice. To keep customers, they’ll have to prove they are secure. Further, regulations are requiring businesses to have substantial protection for sensitive data, either built in or outsourced. In 2017, companies will get serious about customer data, intellectual property, and even business continuity, to the point where this is finally the year the balance tips back in favor of the good guys.
- Countries consider cyber arms treaties
There’s no question hacktivism in its many forms has become wildly successful. Organizations like WikiLeaks, Anonymous, and New World have claimed responsibility for everything from defacing websites to DDoS attacks. However, this just scratches the surface of what governments have to worry about.
It sounds like the setting for a dystopian novel, but there is a real concern about armies of hackers, sponsored by nations, focused on stealing classified data and cybercrimes that threaten the core of national security. As hacking becomes a state-sponsored problem, the solutions will become state-sponsored, as well. Look for prominent countries like the United States, China, and even Russia to give serious consideration to arms treaty types of agreements to curb this disturbing trend.
- Security skills still in demand
The Internet was made to help share information easily. This fact leads to many inherent vulnerabilities, with new ones surfacing constantly. Defending against the array of attacks businesses face requires technology and vast expertise. Neither of these things is cheap, or readily available. It simply isn’t easy to find experts who truly comprehend network vulnerabilities, can anticipate them and, ultimately, help businesses become secure. This problem isn’t going away, either. Getting these experts, and keeping them, will be difficult for years to come — expect to see this trend on the list for 2018 and beyond.
Fadi Albatal is the senior vice president of marketing at Above Security. Albatal was the founder and CEO of Bimand before he joined Above Security, and he also worked at FalconStor Software and EqualLogic, leading the company’s strategic alliance and go-to-market strategy with Microsoft before it was acquired by Dell in 2008 for $1.4 billion.
Above Security is a Hitachi Group Company that builds and delivers customized security services for monitoring and protecting critical IT assets (MSSP).