The new year is fast approaching, and this provides us an opportunity to take a snapshot of the emerging security trends to watch for as we continue to navigate the ever-changing threat landscape.
Though not intended to be a comprehensive overview, the following are a few key issues emerging that will undoubtedly help shape the security conversations in 2018, as postulated by Malcolm Harkins, Chief Security and Trust officer at Cylance.
Malcolm is responsible for all aspects of information risk and security for the company, as well as public policy and customer outreach to help improve understanding of cyber risks.
He previously spent 23 years with Intel, most recently as its first Chief Security and Privacy Officer.
More Security Vendors May Testify on Capitol Hill
With major cyberattacks like WannaCry and the breach at Equifax getting the attention of lawmakers, it is only a matter of time before we start seeing more cybersecurity companies being called to testify before congress.
So far, victim organizations have taken the brunt of criticism from politicians and the press, but less attention is being paid to the companies promising to secure the sensitive data in the first place.
There will be a moment when security vendors are asked to explain why their products weren’t able to live up to the promises of their marketing departments, which will have a serious impact on how we talk about the capabilities of security solutions.
GDPR Will be the Y2K of 2018
Companies are publicly touting their GDPR readiness, but behind closed doors I expect there is a lot of uncertainty about the ability to comply with these new and incredibly strict guidelines.
While GDPR won’t result in the same public hysteria as Y2K, IT practitioners who were around at the turn of the century will feel a bit of déjà vu.
In particular, many companies in the U.S. are waiting to see how GDPR plays out stateside, and I expect in the first few years after its enactment, the EU will look to make an example of a multinational who fails to check all the boxes.
The Conversation about Critical Infrastructure Will Shift Towards Social Media
Social media was originally a fun a way to communicate and stay up to date with friends, family and the latest viral videos. Along the way, as we started to also follow various influencers and use Facebook, Twitter and other platforms as curators for our news consumption.
Thus, social media became inextricably linked with how we experience and perceive our democracy.
The definition of critical infrastructure, previously limited to big ticket items like power grids and sea ports, will likely expand to include said social networks. While a downed social network will not prevent society from functioning, these websites have been proven to have the ability to influence elections and shape public opinion generally, making their security essential to preserving our democracy.
Kevin Livelli, Director of Threat Intelligence at Cylance, chimed in with one more important trend to watch for:
Standardized Hacking Techniques Will Make Attribution Even Harder
In 2018, more threat actors will adopt plain-vanilla tool sets, designed to remove any tell-tale signs of their attacks.
For example, we will see backdoors sport fewer features and become more modular, creating smaller system footprints and making attribution more difficult across the board.
And, as accurate attribution becomes more challenging, the door is opened for even more ambitious cyberattacks and influence campaigns from both nation-states and cybercriminals alike.