What’s next for cyber security in 2018? Game changers
By:Scott Manson, Cybersecurity Lead – Middle East and Africa, Cisco
The year 2018 will bring more connectivity, digital transformation initiatives, and data to companies, along with a number of new cybersecurity threats and landscape changes making cybersecurity one of the most crucial issues that need to be addressed in the present scenario.
In 2017, incidents like WannaCry and Netya illustrate, our adversaries are becoming more and more creative in how they architect their attacks.
The universal fact is that we have to accept that we can’t protect everything, but we can find a way to control what matters the most.
2018 will be a year where security will become part of the fabric in how we work.
Below are my cybersecurity predictions that I believe will continue to impact the technology industry in 2018.
1- Shift in focus from protection to prevention
Historically IT organizations focused heavily on perimeter network security to protect their networks from cyberattacks.
Protection at the perimeter edge works well for data moving toward the protected assets, however, recent breaches have shown that perimeter security alone isn’t sufficient to combat advanced persistent threats.
Your security setup will need to focus on detection, response, and remediation.
That’s where the cybersecurity fight is today. In the future it will most likely move to prediction of what’s coming before anything happens.
2- More IoT attacks will be motivated by financial gain than chaos
It’s only a matter of time before every house and company is connected through the Internet of Things (IoT).
We predict that as many as 1 million new connections per hour will be added to the internet by 2020 expanding the attack surface and making IoT vulnerabilities more critical and more dangerous.
To meet the security challenges of the IoT, a proactive and dynamic approach to security, and a layered defense strategy, are the keys to protecting IoT devices from infection and attack.
3- Continued growth in the use of ransomware and cyber-extortion tools
Unfortunately, ransomware attacks will almost certainly become more pervasive and varied during 2018.
Evolutions in ransomware, such as the growth of Ransomware-as-a-Service, will make it easier for criminals, regardless of skill set, to carry out these attacks.
It turns out that ransomware generated a lot of cash for criminals, an estimated $1 billion in 2016. In the future, ransomware will not merely target individual users, but also target entire networks.
Often, victims of ransomware choose to pay the ransom, because they have no other means by which to restore their systems and data.
Don’t pay the ransom. Create strong plans for system and data recovery as soon as possible, including backing up all systems daily.
4- Many enterprises will give priority to cloud security
More applications and servers are moving to the cloud to take advantage of cost savings, scalability, and accessibility.
As a result of this, cloud environments will be a potential target of security breaches.
According to the Cisco 2017 Midyear Cybersecurity Report, hackers recognise that they can infiltrate connected systems faster by breaching cloud systems and we expect more problems related to cloud security arise in 2018.
When it comes to cloud, security experts will need to decide who they can trust and who they can’t and enterprises will need to develop security guidelines for private and public cloud use and utilize a cloud decision model to apply limitations to cloud risks.
5- Increased automation in cybersecurity response
Automation, machine learning and AI will be critical in ensuring protection, becoming a powerful and effective component of cyber security incident response.
Attaining full visibility into networks is key to stopping hackers, or machines, in their tracks and machine learning can help here by understanding the behaviour of devices, including IoT devices, on the network and identifying ‘soft spots’ on the network that are just waiting to be breached.
In 2018 machine learning and artificial intelligence will undoubtedly be integral to the future the cybersecurity landscape.
We need more trained professionals, as well as smarter tools that make cybersecurity more effective – for both businesses and their consumers.