The last 12 months have been action-packed in the world cybersecurity. Ransomware attacks exploded and the skills gap widened. But there were some bright spots too: artificial intelligence is showing promise, and orchestration is helping analysts become more productive.
Recently, I joined IBM Resilient’s Bruce Schneier, Gant Redmon and Maria Battaglia, along with Enterprise Security Group analyst Jon Oltsik, for IBM Resilient’s annual year-end webinar, “Cybersecurity in 2017 and the Year Ahead: The Fifth Annual Year-in-Review and Predictions Webinar.” During this webinar, we reviewed the biggest trends and lessons from 2017 and offered cybersecurity predictions for 2018.
Below are the top three cybersecurity predictions that emerged:
- Internet of Things attacks will make the news
The massive distributed denial-of-service (DDoS) attacks of late 2016 and early 2017 proved that internet-connected devices are a major security threat. With billions of connected devices globally, many of which regular people use daily, it’s more than likely that a serious attack could occur. 2018 seems poised to have the right combination of device proliferation, underlying vulnerabilities and bad-guy attention for IoT attacks to go to the next level.
- Orchestration and automation will be a top priority
To date, incident response orchestration and automation (O&A) efforts have been driven by early adopters opportunistically securing resources for these projects. In 2018, O&A efforts will gain line-item status in organisations’ security budgets. The early adopters will tout improvements from their initial deployments to gain support for expansion to facilitate additional use cases. Other organizations will try it for the first time and get hooked.
- Businesses will rush to prepare for GDPR
The European Union (EU)’s sweeping General Data Protection Regulation (GDPR) goes into effect in May 2018. While survey data varies, it’s clear that many businesses around the world are still unprepared. Given the enormous potential fines for noncompliance, companies will scramble. Unfortunately, those expecting to hire consultants to help might find such resources are already booked solid.
Don’t let your guard down in 2018
Whatever does happen in the cybersecurity realm in 2018, it’s likely to be just as action-packed as what we’ve seen in 2017. Vigilance will go a long way, but heightened security awareness is the best — and, perhaps, the only — protection against emerging threats that we can only begin to imagine today.