Despite growing investments in defensive technologies, cyber breaches continue to proliferate. In a world where malware is continually evolving, critical data is moving to the cloud, and criminals are exploring new vectors of attack, how can security professionals stay up to date with, and keep ahead of, changes in the industry?
Traditional security perimeters are eroding or becoming obsolete; rather than focusing on building bigger walls, the industry needs better visibility into what is happening to its critical data. Understanding how, when and why people interact with critical data, no matter where it is located, is crucial.
I’d like to outline major security shifts Forcepoint expects to happen in 2018. At the heart of many of these predictions is a requirement to understand the intersection of people, critical data and intellectual property – the human point.
1. Privacy fights back!
Prediction: 2018 will ignite a broad and polarizing privacy debate not just within governments, but between ordinary people.
The last two years have seen a steady erosion of the line between personal and public spheres; even Internet Service Providers have the legal right to sell customer data. To date, privacy has not put up much of a fight. 2018 will ignite a broad and polarizing privacy debate not just within governments, but between ordinary people. Come May 2018, the European Union (EU) General Data Protection Regulation (GDPR) will become enforceable by law and will require global organizations that hold the personal data of EU residents to adhere to new requirements around control, processing and protection. The GDPR may be the first regulation to set the bar so high, but other countries will follow the EU in updating their regulations to match this new standard for data protection.
2. Disruption of things
Prediction: IoT is not held to ransom, but instead becomes a target for mass disruption.
The popularity of the Internet of Things (IoT) has become increasingly evident over the past year: Gartner forecasts that 8.4 billion connected things will be in use worldwide in 2017, up 31% from 2016. This is particularly relevant within enterprises where logistical and supply chain sensors and healthcare devices are critical parts of infrastructure. The internet of connected things offers access both to massive amounts of critical data and to “the disruption of things.” For example, it will be possible for any attacker with disruption in mind to steal credentials or insert malware into systems.
3. The rise of cryptocurrency hacks
Prediction: Attackers will target vulnerabilities in systems that implement blockchain technology associated with digital currencies.
A reported 1.65 million computers are used to mine Bitcoin, the digital currency with a market capitalization of more than US$107 billion.
Cryptocurrencies have quickly become the payment method of choice for cybercriminals seeking a ransom. While the principle of Bitcoin’s underlying blockchain technology makes the insertion of falsified transactions into historical blocks prohibitively difficult, cybercriminals will instead turn their attention to vulnerabilities in its supporting systems, including those used to create digital currency transactions. We expect to see an increasing amount of malware targeting the user credentials of cryptocurrency exchanges and the websites that allow users to buy, sell and exchange cryptocurrencies for other digital currency or traditional currency.
4. Data aggregators – a gold mine to be tapped
Prediction: A data aggregator will be breached in 2018 using a known attack method.
Cybercriminals target complete sets of information, such as personal data from banks and electronic health care records, because of their inherent value. This data is not something that can be changed or adapted like a password; rather, it is always associated with an individual. It’s not surprising that data aggregators in the public and private sector represent the path of least resistance to the greatest reward. Just as we saw with Equifax, a weak link in a system containing an abundance of personally identifiable information will be exploited. The Equifax breach will not be the last breach of such magnitude on a hosted business application. At risk are those applications that contain information on a sales force, prospects and customers, or those that manage global marketing campaigns.
5. Cloud admin is the new domain admin
Prediction: Adoption of cloud technologies will increase the risk of a breach from a trusted insider.
New applications are introduced into organizations every day, unbeknownst to IT. For large enterprises, 30 to 40 percent of IT spending comprises shadow IT, in this case unsanctioned cloud services. And while cloud vendors are generally secure, they are not custodians of customer data and don’t have any say in how their customers protect their data. While existing infrastructure can be leveraged in combination with the right cloud security tools to help enterprises discover cloud apps, they don’t provide the visibility and control required for a comprehensive solution. Cybercriminals turn to the cloud to spread malware because it is scalable and readily available, and because cloud networks are generally trusted, which raises the probability that malicious activity goes unnoticed. Since responsibility ultimately rests with the cloud service end-user, cloud use should be monitored and access closely scrutinized.
6. Encrypted by default – Implications for all
Prediction: An increasing amount of malware will become MITM-aware.
The web is moving to encrypted-by-default. 25% of all websites are using this technology. This includes major global search engines, social media networks and e-commerce websites, which are investing in the technology to make the web a safer place for consumers. In reaction to the increased use of HTTPS, cybercriminals and nation state actors are adapting their tactics, techniques and procedures. For example, scammers have been acquiring certificates that make their fraudulent websites imitate the likes of PayPal and Google to appear legitimate. While there are legitimate man-in-the-middle (MITM) techniques, we’ll see malware attempting to detect or thwart MITM security by using nonstandard cryptography, certificate pinning and other techniques.
7. Workforce Cyber Defence becomes necessary
Prediction: Workforce monitoring and employing UEBA will be a top priority for CISOs in 2018.
One of the leading causes of data breaches is human error, yet traditional tools fail to provide contextual information about insider risk, critical in the era of continuous security breaches and mounting governmental demands for regulatory surveillance. Workforce monitoring, known also as workforce cyber defense, will become more widely accepted, and its implementation will become a top three priority for Chief Information Security Officers (CISOs) in 2018.