As 2017 comes to a close, we continue to see major breaches across industries – only this year we witnessed two companies, Uber and Equifax, opt to hold off on alerting the public to their respective cybersecurity breaches and make them public at a later, more convenient date. Whether this was a coincidence or a trend in the making, time will tell. What we do know is that these were among a handful of security ‘events’ that will help to shape the year to come. Here are my predictions for 2018.
1. Responding To Threats With A Zero-Trust Model
The big event of 2017 was the Equifax breach, where cyber criminals gained access to the data of 143 million people. Fallout included the departure of senior executives, the filing of more than 23 class-action lawsuits and a 35 percent stock price decline that wiped out $4 billion in market cap. The unusually severe market reaction may indicate investors are growing increasingly intolerant of companies that don’t take security seriously. I expect companies to respond by implementing zero-trust models—which involves two important shifts. First, it shifts access controls from the perimeter to individual devices and users, thereby allowing employees to work securely from any location without the need for a traditional VPN. Secondly, access to services is granted based on what is known about a user and their device, which are all authenticated and authorised.
2. The Rise Of Machine Learning
Last year, companies integrated machine learning to ascertain the risk level of individual transactions and decide in real-time whether or not to allow them. While behaviour analytics aren’t new, until now few solutions had the ability to actually stop a transaction in real time. This pivots identity security away from detect-and-respond alerts and towards more automated preventative controls. For example, risk-based authentication (RBA) improves user experience by using machine learning algorithms to assess risk, and can require a second factor of authentication only when risk is high. The benefits are substantial, and we expect to see rapid integration of these technologies into cybersecurity solutions in 2018.
3. The Lucrative Trend In Ransomware Will Explode
According to sources, between 2016 and 2017 (to date), dark web ransomware sales grew 2,500 percent to $6.2 million. According to the FBI, 2016 ransom payments totalled about $1 billion, up from $24 million in 2015. While my company predicted increases in ransomware last year, this off-the-charts growth surprised even us. I expect this lucrative trend to continue for many years to come. The rapid move to the cloud will increase the adoption of zero-trust network models and modern microservices architectures which will mandate the use of least privilege. In 2017, companies moved huge segments of their infrastructures into the cloud. Security considerations there are similar to those on premises: authentication is still required and privileges must be managed. We anticipate widespread adoption of technologies designed to manage privileged identities with extreme granularity. Least privilege will become an increasingly common term around the datacentre.
4. Automation Will Make It Easier For DevOps & AWS
In 2018, security vendors will continue to embrace Amazon’s shared responsibility model for AWS, recognising that scalable automation is essential to protect sensitive information in the cloud. This will result in the rise of DevOps, a fast-growing segment required for successful automation due to its ability to script, automate, scale and handle exceptions effectively. Increased, straight-forward automation will make it easier for DevOps to adopt AWS securely. In turn, baking security into the process will allow for further adoption of cloud-based services.
5. Blockchain Will Emerge As A Potential Disruptor
Blockchain technology has started making serious waves – and not just in the world of cryptocurrencies. Even US defence contractor Lockheed Martin seems to be exploring blockchain-related cybersecurity options. While we expect blockchain to emerge as a potential disruptor across many areas of technology in 2018, it will take several years before vulnerabilities can be addressed and the technology is considered mature enough to act as a basis for enterprise security.
6. Increasing Identity-Related Breaches & Vendor Fatigue Will Force Organisations To Re-Evaluate Their Entire Security Postures: Architecture, Budget & Project Priorities
According to Verizon’s annual Data Breach Investigations Report (DBIR), in 2015 compromised identities were responsible for 50 percent of all data breaches. That number grew to 66 percent in 2016, and 81 percent in 2017. Attackers are focusing on the most vulnerable areas of the business: identities. Still, most organisations aren’t making the connection. In 2017, companies will spend just 4.7 percent of their total security budgets on identity and access management (IAM); the very technology that could help prevent four out of five breaches. In 2018, a combination of increasing identity-related breaches and security vendor fatigue will force companies to re-evaluate their entire security postures, from the ground up.
However, in the meantime, unfortunately things will get worse before they get better – but new models such as zero-trust and a focus on securing identities provide a path forward to turning the cybersecurity tide.