Cyber Predictions for 2018: Part One
Double, double toil and trouble;
Data leak and bitcoin bubble.
Time to summon up the spirits of the deep to help us predict the upcoming year in cyber security. Apologies to Mr. Shakespeare, of course, for the bad poetry.
What do the spirits foretell for the coming year? “More and worse,” they proclaim. Read below to find out why, in the first installment of our two-part series on cyber predictions.
Cyber Security Expenditures and Costs
Companies will continue to spend and spend on cyber defense with expenditures blowing past the $90 billion level. Unfortunately, all that money will buy neither peace of mind nor total security.
Even though 2017 brought a big increase in the frequency and damage of cyberattacks (think “Equifax” and “WannaCry”), in 2018 we will be confronted with ever stealthier and more destructive escapades. Expect the average cost of a data breach to rise by about 20% to more than $3.5 million per incident, while total losses due to cybercrime are likely surpass $1.5 trillion.
Employees as Targets
Humans will continue to be the weakest link in cyber security. Despite the increased attention to insider threats, employees will continue to be the target of choice for hackers who will continue to exploit this weakness with great success. Look for more phishing attacks, malvertising, and the like to plague our employees and contractors.
New Methods of Cyber Defense
The widely used detection/response model, the primary approach to cyber security since the turn of the century, will be no match for this year’s attacks. With the speed of malware penetration and damage accelerating all the time, detection and after-the-fact response comes too late to provide reasonable defense. In 2018, companies will move in two new directions: automation and distancing.
This year, companies will increasingly adopt machine learning solutions that automate detection. Since zero-day attacks build on one another, a machine learning approach that automatically detects similarities between old attacks and new ones will speed up identification of threats and protect our data. Ostensibly, a machine learning solution gets smarter as it encounters more situations. In 2018, with more experience under their belts, these solutions will increasingly alert CISOs and security personnel to prospective threats .
Companies will also adopt techniques that push potential attacks farther away from vulnerable servers and endpoints. Two such solutions will see wide adoption in 2018: Content Disarm and Reconstruction (CDR) and Remote Browser Isolation (RBI). Both employ a similar concept: strip out all active (and thus, potentially risky) code in a remote, safe location before passing now-harmless files into the network.
CDR looks at files that come into the network via email, downloads and other frequently used mechanisms, and strips out any elements that do not match the file type's standards or policies, and could possibly be masking rogue code or malware. The files are reconstructed and, only then, passed on to the recipient.
RBI operates in a similar but even more rigorous fashion, albeit on web pages. When users browse the web from a PC, tablet or smartphone, their request is directed to a remote server where the webpage is executed in an isolated environment. The requested content is then rendered as a secure stream of images (and audio) that can be safely passed to the local browser in real time. All active code, including potential malware, is stripped away and kept far from the corporate network and endpoints, and discarded along with the rest of the browsing session once the tab is closed (or after a predefined “timeout”). When executed properly, users notice no difference from their standard browsing experience.
Cyber Security Labor Shortage
There is no solution in sight to the shortfall of security analysts. In 2018, the number of open positions in the US alone will remain well above 1 million. We can expect hackers to take full advantage. Organizations will begin to consider individuals with similar backgrounds roles, experience and education to fill critical cybersecurity positions, even if they lack some qualifications. As a result, 2018 is shaping up as a good year for big MSSPs, as companies will expand their use of managed security services.
It’s Good To Be CISO
In 2018, the role of the CISO will continue to expand and evolve to encompass public policy, law enforcement, privacy regulations and an understanding of the threat landscape. In fact, CISOs like me might be jumping up a rank in the organization to report directly to the CEOs of our companies. I am looking forward to more responsibility, more impact on security’s role in growing the business… and a big pay raise!
Tune in later this week for more bold cyber predictions on what 2018 will bring for our ever more browser-dependent organizations and workforces – starting with the GDPR elephant in the cybersecurity room.