2016, although not quite finished, has been the most vulnerable year for public and private sector businesses in terms of data breaches, hacks and everything in between.
That is not to say those in the cyber security are standing twiddling their thumbs. Far from it, and Information Age expects a lot to come from integrating AI and automation processes into security defences.
The problem has been been that cyber security systems, which may have not been given top priority by the c-suite executives, have simply been overrun by the amount of malicious traffic bombarding their equivalent to the Trojan Gate.
Indeed, the other side of malicious traffic has, instead of mounting an all out offensive like the recent Dyn attacks that shut down Twitter among others, snuck in undetected like the Greeks did using the Trojan horse.
The Greek soldiers bypassed the ‘impenetrable defence’ and remained undetected until it was too late, much like the Yahoo data breach that was found out this year but began leaking data in 2014.
Moving forward it is clear cyber security, if it isn’t already, will need to be a top priority for organisations. It should be considered a business critical process.
Furthermore, cyber security specialists should continue to invest in innovative technologies to make their defences more agile, flexible, smart and successful.
But what can they expect to face? What does 2017 have in store?
Advances in technology promises a move towards greater protection. However, the looming threat of attacks is growing.
2017 cyber security trends
Ofer Amitai, CEO of Portnox discussed five cyber security predictions for 2017 with Information Age.
IoT as the next Trojan
IoT devices bring vulnerability to the network, and hackers will continue to take advantage of this.
IoT-driven attacks have been common in cars and homes, but enterprises will have an increasing problem with IoT security too, as all devices from thermostats and security cameras to laptops and more are integrated onto an enterprise’s internal network.
One of the challenges with IoT devices is that by default they are open and available to the Internet and come protected with default passwords. While convenient for users, it’s a nightmare for corporate security.
>See also: The 2016 cyber security roadmap
The number of these attacks will certainly rise, because most users don’t know how or that they even need to change the security controls on their devices.
The standard regulations on these devices come as an easy portal to the network for hackers. In fact, hackers can integrate malware into networks through IoT devices as easily as they could through Windows.
As cyber security, breaches and attacks increase, there will be more standard security controls and practices for enterprises to integrate into their protection strategy.
In the private sector the demand for cyber insurance will peak in 2017. Since insurance companies are seeking for measures to decrease risk they will start looking at and best practices and make those who don’t implement them pay higher premiums or even deny insurance.
There will be more automation of security enforcement for prevention, increased machine learning for detection and remediation for response.
The cyber security industry’s number one problem is shortage of cyber security experts.
In addition CSOs are finding with an increase in security compliance issues, software updates, breaches and more, that employees aren’t prepared to handle these new developments in a rapid response way.
This is why there will be more automation technology coming into play to help automatically enforce software updates, compliance changes, allowing instant detection of breaches and automatic remediation responses.
Increase in nationwide terror attacks
Terror is moving towards the cyber world and will be considered a violent attack on the country.
Though these attacks might not cause physical damage, they’ll get us talking and disrupt daily life – think traffic lights, power, etc.
There will also be attacks on critical infrastructure like electricity, water and nuclear [which has been documented in the US].
A reaction to this new form of cyber terror would not only take place in the cyber world, but the physical world as well.
[This is not a far flung idea, and these sentiments were echoed by Philip Hammond, Chancellor of the Exchequer, in a speech he gave this month on the grave threats cyber attacks pose].
Attacks on public figures
This year’s election was a glimpse into what’s possible with hacks and leaks of private information.
Expect hackers to find and circulate embarrassing photos, tax documents, and more as 2017 approaches, in order to influence the public’s mind and shame public figures.
If these predictions turn out to be true then it appears the worst is yet to come. Although, as mentioned, advances in cyber security technologies and shifts in board focus should help mitigate, or a least reduce the expanding security risk.