2018 Security Predictions (Part 7)
Criminals will become increasingly sophisticated. Will companies be able to automate security to keep their valuable data, or will they continue to lose it?
Given how fast technology is changing, we thought it would be interesting to ask IT executives to share their thoughts on the biggest surprises in 2017 and their predictions for 2018.
Here's the seventh article sharing what they told us about their predictions for security moving forward.
Criminal organizations will continue their ongoing development and become increasingly sophisticated. The complex hierarchies, partnerships, and collaborations that mimic large private sector organizations will facilitate their diversification into new markets and the commoditization of their activities at a global level. Some organizations will have roots in existing criminal structures, while others will emerge focused purely on cybercrime.
Organizations will struggle to keep pace with this increased sophistication and the impact will extend worldwide, with cryptoware, in particular, becoming the leading malware of choice for its threat and impact value. The resulting cyber incidents in the coming year will be more persistent and damaging than organizations have experienced previously, leading to business disruption and loss of trust in existing security controls.
The popularity of crypto-mining malicious software will continue to increase. Established criminal groups will use malicious crypto-mining to supplement their revenue stream from activities such as ransomware infections. Newcomers will see this practice as an easy way of getting into the field, in part because some might view such activities as a “victimless crime.”
Incident response teams will look for ways to more actively combat malicious presence in the enterprise, going beyond the practice of merely identifying which systems might have been compromised. Such steps might entail misdirecting or slowing down adversaries and their tools. A related example might involve vaccinating systems against specific malware families, “persuading” malware that it’s already in the system to prevent the infection in the first place.
The biggest surprise in the cloud for 2017 is how the security industry continues to be a technical laggard. Organizations are moving their infrastructure to the cloud with AWS and Azure both growing at unprecedented rates, building multi-billion dollar IT superpowers. Yet security incumbents are not evolving, providing yesterday's technologies in the cloud, i.e. a “cloud washed” mindset versus building cloud-native, purpose-fit security.
In 2018, the industry will move more towards automation, APIs, and cloud services at scale. It’s more about continual compliance, configuration checks, and response at scale than it is about point-in-time signatures, firewalls, policies, and rules. Lastly, we need to remove the complexities and management burden away from the user and provide security that is simply powerful.
2018 will be the year where all of your apps will become consolidated. There are too many choices and too many ways to do everything. Therefore, a consolidation of apps and functions needs to happen and 2018 might just be the year to see some of that integration happening at a faster pace. Your vehicle and other devices in your home will become more integrated and, frankly, you no longer need 10 different apps just to talk with the microwave, fridge, lights, etc.
We first need to fill the growing shortfall of qualified security experts who have the necessary skills and experience to solve these problems for organizations of all types and sizes. Hiring and training enough skilled security workers will continue to be one of the biggest challenges facing CISOs in 2018 and beyond. Due to this lack of trained personnel in-house, we expect that more companies will leverage externally managed security service providers (MSSPs) to help fill this need in the New Year.
Security teams need to continually advocate for upper management to separate security spending from standard IT budgets. IT spending is a cost of doing business, but security systems provide the last best defense against the loss of a company’s data, its brand reputation, and related customer confidence. Just like you don’t determine how much auto liability insurance you should have based on the maintenance costs of your car, it makes no sense to base your security budget on your overall IT spend. Just as with your auto liability insurance, your security spend needs to be based on your overall risk profile.
Industrial Control System (ICS)-specific malware will surface that goes well beyond Windows-based vulnerabilities currently affecting companies that operate critical infrastructures. ICS technologies include supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLC), programmable automation controllers (PAC), remote terminal units (RTU), intelligent electronic devices (IED), and other sensors. Targeted malware will be written against many of these specific systems. At least one well-known utility will be hacked – impacting customer service delivery.
In 2018, enterprises will need to embrace a continuously adaptive approach to information security because in an increasingly digital business world, binary decisions – black or white, allow or block – do not work. Enterprises have to think about how to enable transactions when all the information is not available or there is a known level of risk. Making adaptive decisions based on identity, behavior, and risk will enable more effective threat prevention.