2017 proved that no organization was exempt from the rapidly multiplying threat of malicious cyber activity with ransomware epidemics like WannaCry, growing DDoS attacks, and the arrival of the IoT Reaper botnet, to high-profile data breaches at Uber, Equifax, and Yahoo. Now with 2018 fast approaching, security professionals must take a critical look back at the past 12 months and start preparing for what’s to come. Zenedge, a global provider of cloud-based, artificial intelligence-driven cybersecurity systems has released its Top 5 Cybersecurity Trends to watch in the New Year.
“The caliber and frequency at which organizations are experiencing cyberattacks is alarming,” said Yuri Frayman, CEO at Zenedge. “Though our predictions can aid in developing strategies, it is imperative that the industry also pivot accordingly, developing, and ultimately implementing preventative technologies at a much faster rate. We can no longer look to old solutions that solely rely on manpower and human interaction. Instead, we must invest in machine learning and artificial intelligence, which play a critical role in anomaly detection and mitigation, increasing the ability to effectively identify and combat the most massive infiltrations the industry will face in the years to come.”
These are the top five cybersecurity trends according to Zenedge:
AI will become a necessity: In 2018, AI and machine learning will no longer be a “nice to have,” but rather a necessity and core component that reinforces an organization’s cybersecurity strategy. Attackers will continue to use everything in their arsenal, including machine learning to power sophisticated botnets, to deliver complex multi-vector attacks. Simply relying on human intervention to combat these attacks is guaranteed to be a losing proposition. Companies must fight malicious bots with their own bot technology and infuse the traditional rules-driven methods with AI algorithms and machine learning to be able to identify and fend off advanced attacks.
GDPR will create panic in the U.S.: Talk of and preparation for GDPR has been underway for years, but in the first few months of 2018, we will see businesses headquartered outside of the European Union wake up to the shocking realization that they too are required to comply if they want any chance of continuing to do business in the EU, which will leave them scrambling to meet the requirements on a condensed timeline before the May 2018 deadline. The scope and complexity of the new regulation will create a potentially crippling burden on smaller organizations that already find meeting basic security standards to be a daunting task.
Global threat by terror-harboring nations will rise: As political and ideological disparities continue to increase between the West and a litany of terror-harboring nations, cyber tensions will escalate exponentially and further threaten critical infrastructures, financial systems, government agencies, and even the Internet itself. These rogue nations will continue to increase the threat of targeted malware, ransomware, exploit, and fraud campaigns.
Exposure to IoT threats goes mainstream: In 2018, we can expect to see IoT as both a vector for attack, as well as the means of a large-scale attack. IoT adoption is accelerating at an incredible rate and this complex ecosystem will require various controls that integrate with one another. The ability to monitor sensors and other IoT devices for indications of compromise and attack will be key to containing malicious activity, and companies must assess what data is available and how it can be collected, profiled, and used for detecting attacks through automation. Lacking such controls, more IoT devices are prone to be weaponized and capable of launching massive distributed denial of service attacks against highly sensitive targets.
Integrated cybersecurity solutions will be in high demand: Until now, organizations have been purchasing point solutions designed to solve only one cybersecurity problem at a time, and taking on the extra work of configuring, maintaining, reporting, and analyzing data across multiple disparate systems. In 2018, organizations will recognize and move towards integrated cybersecurity solution suites that work in an integrated cohesive fashion, with a single platform to configure, manage, monitor and maintain security postures, allowing organizations to have a unified, clear picture of their cybersecurity perimeters.
Protecting IoT devices from cyberattacks: A critical missing piece
Hackers are targeting energy, critical infrastructure, warns U.S. gov
Hacker group ‘Dragonfly’ targeting U.S., EU energy sector
IoT devices becoming ‘cyberweapon of choice’ for attackers