2017 was another year of major data loss and hacks, but will the warnings be heeded?
2017 was another year of major data loss and hacks. These breaches have increased pressure on business and individuals alike, to clearly focus on the importance of securing data. Whether the warnings are heeded, remains to be seen. Here are my predictions for 2018:
1. A major cloud player will be shut down for 24 hours due to a cyber attack and data loss. This will trigger users to question their existing providers as to levels of encryption, where are the keys held and who in the cloud organisation has access to the keys? This will see the growth in third party security services such as Bring Your Own Key (BOYE) will be the mantra, as companies will no longer trust a single cloud vendor and will spread their data around a number of providers to lower the overall risk of data outage.
2. IOT security will remain weak, even with the launch of light encryption. This will be due to manufactures still using old chipsets that have security flaws.
3. Email security will be one of the fastest growing areas in data security as ‘man-in-the-middle’ attacks increase and more companies are fined, due to leaked data from intercepted emails or, rouge emails being received spoofing to be legitimate.
4. There is likely to be a grave shortage of skilled staff in order to plug the GDPR need, especially in the rise of the Data Protection Officer, now mandatory within the GDPR regulations.
5. Voice recognition will be widely deployed as a form of two-factor authentication, given the improvements in Siri, Alexa, Cortana and Google.
6. At present around 31 per cent of companies pay ransom-ware demands. This will reach 50 per cent in 2018.
7. File-less attacks will be the new attack Trojan. These viruses reside in the memory of the PC and remain there until it is rebooted. Normal AV will not detect these attacks.
8. Come May 2018 only 10 per cent of companies will be ready for GDPR and, by the end of the year, we will see the first companies closing due to having to meet the considerable fines.
9. Social engineering attacks will increase as a way to get into an organisation. The targets will be young members of staff who tend to be less controlled about what is viewed, or interacted with, online. This will lead to an increase in detection systems being deployed inside an organisation so as to spot unusual behaviour, both in people and systems.
10. We will all start calling our cars KIT as we move into the driverless era!
Happy New Year!
Colin Tankard is managing director at data security company Digital Pathways, a specialist in the design, implementation and management of systems that ensure the security of all data whether at rest within the network, mobile device, in-storage or data in-transit across public or private networks.
If you enjoyed this, you may wish to view the following:
Uber disaster: here we go again
Had Uber been properly monitoring its event management systems, it may have well pinpointed unusual patterns or logons, and been able to prevent the attack
Singtel strengthens Singapore’s cyber security
The portal raises awareness of cyber-related careers by profiling real-life cyber security professionals and mentors