Cyber Security Trends for 2018
In 2017 we saw a large number of high-profile cyberattacks and data breaches, most notably for Uber, Equinox, Verizon and WannaCry ransomware attacks, among others. And, while, according to the Ponemon Institute, the average cost of a data breach is down 10 percent over previous years to $3.62 million, the average size of a data breach increased nearly two percent, some organizations still have much work to do to inform their preparedness and response strategies.
So, what can we expect for 2018? Let’s take a look at some of the current and future trends, challenges and threats.
AI and and Machine Learning powered attacks
AI/Machine Learning (ML) software has the ability to "learn" from the consequences of past events in order to help predict and identify cybersecurity threats. They can predict and accurately identify attacks swiftly could be a real boon for InfoSec professionals. However, there is also a risk that AI and machine learning may be exploited by attackers.
Be proactive about Ransomware and IoT
Although most IoT devices don't typically store valuable data, we should still be very careful not to underestimate the potential damage IoT ransomware could cause. The importance to back up regularly, keep patching and updating systems, and strengthen your real-time defenses is real.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR), which will come into effect on 25 May 2018, offers a number of important changes to the current Data Protection Directive. These include; increased territorial scope, stricter consent laws and elevated rights for data subjects to name a few. Infringements can provoke fines of up to 20 million euros ($23.6 million at the time of writing) or 4% of the total worldwide annual turnover of the preceding financial year.
Security patch management
If you don’t test your security, then you don’t know how secure your application is. Patch management involves obtaining, testing, and installing several patches to the computer system in order to keep it safe against malware attacks. With the ongoing threat of security being compromised, and given the huge and daunting task of patch management, it's almost certainly a good idea to have the essential procedures and responsibilities clearly defined through a detailed patch management policy.
Hackers are so talented these days that just a single password isn’t enough to offer robust protection to people’s accounts. Additional security measures other than a simple password is extremely important. According to the 2016 Data Breach Investigations Report by Verizon, “63% of confirmed data breaches involved leveraging weak, stolen or default passwords.” This is largely due to the fact that most organisations are still using single-factor authentication, fearing t would negatively affect user experience.
Blockchain and Cyber Security
Blockchain has the potential to improve everything from data integrity and digital identities to enabling safer IoT devices to prevent attacks. It addresses the fundamental flaws of security by taking away the human factor from the equation, which is usually the weakest link. Authenticating Bitcoin payments has perhaps become the most cited use case, but this technology can extend to applications like content delivery networks and smart grid systems too.
In 2018, more companies will adopt security-first thinking. The current talent gap in cybersecurity skillsets is truly massive and in 2018, it will only widen. The industry will continue to require a diverse set of skills as cyber resilience strategy advances.