GDPR talk will hit fever pitch
I love the saying “security should not be sprayed on, but baked in”. In the current threat environment nothing is more true, and in 2018 one thing I can predict with certainty is the arrival of GDPR – and with it potentially a fear akin to the Y2K bug.
With 46% of UK businesses saying they’ve already experienced a cyber breach of some kind, everyone is preparing for GDPR. However not every business needs to be at DEFCON 1 stage – each business should make its own assessment as to where it needs to be. Businesses needs to ascertain what the value of their data is and align their security posture accordingly. The GDPR legislation is pragmatic, and to achieve compliance organisations must implement technology and practices to reach a level of security that provides a good level of due diligence. Doing nothing is not an option.
There has been a lot of fear, uncertainty and doubt around how big the fines will be for breaching GDPR, and I expect there to be another Equifax or Uber-sized breach with large fines ensuing. But for the majority of organisations who take action now to improve their security posture to an acceptable level, things should be business as usual with the odd punitive incident. That said, we must not be complacent and help our customers wherever we can.
We’ll see increased investment in always-on managed security services
It is expected that cyber security resource shortages will continue, driving companies to outsource their security services to companies like Maintel who can deliver an always-on service. The key to differentiation in this space will be the ability to be agile and shift quickly to orchestration and automation. The API will become a fundamental part of this agility to bring together a communication capability of the new multi-layer architecture of security solutions consisting of multiple vendors. Only this automation will give IT teams the ability to react fast enough to identify, contain and remove new and more complex zero day attacks.
I am confident we will see more intelligent networks driven by network segmentation (something that is relatively straightforward to facilitate with a redesign), data encryption (in transit data) and obfuscation/anonymization (at rest data) techniques. Organisations must understand exactly what is actually running on their networks, taking action to reduce or eliminate shadow IT.
Demand for business continuity processes and technology will rise
With this focus on outsourcing security tasks, security incident and event management services (SIEM) will become more embedded into organisations’ BAU fabric. For businesses (even one with large IT teams) understanding and actioning the output of tools that analyse hundreds of thousands of system logs is not time well spent. There will be a reliance on companies like Maintel and our partners to keep our customers’ businesses running even in a state of breach. Demand for business continuity processes and technologies will most likely increase, and partners who can deliver SIEM and additional business continuity value-added services will become a part of any businesses’ fabric.
The automation piece also flows into helping eliminate the amount of breaches caused by human error, as in some recent Amazon breaches, and I expect to see a flurry of activity to help organisations educate users about how to use IT safely in a back-to-basics-style policy. To assist with this I expect to see organisations invest in more intelligence, pushed down to the endpoint device to help facilitate things like anti-virus as well as identifying and assisting with data loss prevention.
The IoT will expose us to new breaches
The IoT will definitely provide some challenges in 2018, and this will touch every vertical. We can expect continued attacks on the likes of the healthcare and utilities sectors, as well as other infrastructure items connected via the IoT. Industrial automation and the attacks on programmable logic controllers is set to increase purely due to the scale of havoc this kind of hack can wreak.
Solutions will emerge to limit the ‘people factor’
The ever-faithful password will be new levels of scrutiny, and a rise in two factor authentication and other techniques like biometrics is expected to increase. However as the bad guys are always looking for a challenge, even biometrics may become impacted. Gaining unauthorised access to buildings using RFID cloning is already seen as a security risk, and at a recent hacker conference it was deemed that physical access during any standard penetration testing is becoming easier. Gaining physical access to buildings must also get harder, so I expect new technologies will emerge to reduce this attack vector. People are a weak link, and there’s no patch for stupidity or ignorance.
State sponsored attacks won’t slow down
It’s also expected that there will continue to be state sponsored attacks be that an attempt to harvest intelligence, intellectual property or general denial of service like denial of utilities like water and gas, as well as electronic services.
In short, strap yourself in, because 2018 should be a rollercoaster of a year in the security space.