2016 has been an epic year for cybersecurity threats. Current projections published in a Cybersecurity Market Report indicate that cybercrime will only continue to grow, reaching an enormous $6 trillion in annual losses to the world by the year 2021. Due in part to our hyper-connected world, advances in collaboration technologies, the proliferation of devices, and increased use of outsourcing, hackers are seizing opportunities and becoming more sophisticated in their attack techniques.
Their quest has gone beyond stealing data for profit to leaking incriminating information in order to influence and expose individuals and governments. However, hackers are only part of the challenge. Third-party partners also pose a potential threat to organisations, as they often have authorised access to organisations’ information and systems with little oversight or monitoring.
Organisations that fail to increase their security budget and make security a top priority are the most likely to suffer the greatest financial losses. So what do we predict for 2017 besides building a better offense?
Here are the Top Six Security Predictions for 2017
1) 2017 Will be a historic year for cybersecurity legislation globally
Next year will be historic in terms of cybersecurity legislation. We’ve already seen the beginnings of this in 2016, and high-profile incidents such as the breaches at the Democratic National Committee and Yahoo, and the Apple encryption debate, have further increased public awareness of the importance of data security and privacy. The Chinese government was also recently implicated in buying stolen national defense research related to the F-22, F-35 and C-17 fighter jets from a cybercriminal who hacked Lockheed Martin and Boeing.
This growing awareness, coupled with the government’s willingness to acknowledge the national security risks posed by cyberattacks, makes us hopeful we’ll see meaningful progress in the fight to create effective cyber-legislation by the end of 2017. This legislation will likely start with mandatory breach notifications, which would initially eliminate undisclosed (or slowly disclosed) cyber incidents, but will eventually take the form of specific guidelines for how citizens’ data must be protected wherever it travels or is stored. Europe is leading the way with the General Data Protection Regulation (GDPR), and we expect other countries to follow with similar legislation.
2) Global leaders will take steps towards establishing standards for cyberwarfare (InfoSec Geneva Convention)
2017 will (hopefully) be the year global leaders finally recognize the need for an InfoSec Geneva Convention, setting standards for which cyber-activities are and aren’t acceptable. Holding highly confidential information hostage and using it for blackmail or to manipulate elections is a whole new level of warfare. I’ll admit this is an optimistic prediction, considering the current geopolitical landscape, but technology has reached the point where having clear rules of engagement is an absolute necessity. In fact, the idea was floated back in 2015 by members of the House Intelligence Committee. While this may not happen in 2017, I expect the global community will at least begin acknowledging the catastrophic repercussions that could result from an all-out cyberwar.
3) Hackers will continue to exploit the weakest link (Service Providers & Law Firms Beware…)
The ransomware epidemic is a reminder that the cybercrime economy is based on the principles of capitalism. Until organisations persistently protect information at the data level (and stop paying the ransom), these attacks won’t slow down. And, as companies increasingly use third-party service providers to reduce costs, more and more information will be at risk.
In 2016, the healthcare industry was revealed to be especially vulnerable to ransomware attacks, with 75% of hospitals surveyed in a poll by Health IT News and HIMSS reporting that they had been hit by one.
While that will remain true next year, we expect hackers to expand into other verticals. Hackers will look for the weakest link and exploit industries that hold highly sensitive information but make lower investments in security solutions.
Researchers say there are more than 200 ransomware families active globally, which complicates ongoing attempts to disrupt such attacks. These attacks sometimes require only one employee mistake to initiate, meaning it’s only a matter of time until an overworked employee clicks the wrong link and exposes his or her firm to a hacker looking to steal critical data.
4) Organisations will be more stringent on the security of their third-party vendors and collaboration partners
In 2017, we can expect to see organisations placing stricter compliance requirements on their third-party outsourcing vendors and other external collaboration partners. Third parties such as advisors, vendors, sub-contractors and business partners pose a huge risk to organisations because they require access to systems and data to conduct business, yet there is little accountability for the way they handle a company’s data.
Besides unsecured systems, there is also the issue of sub-contractors stealing intellectual property. 67% of independent contractors and employees take IP with them for the express purpose of leveraging it in a new position, costing organisations more than $400 billion in annual losses. With ongoing pressure to achieve profits, organisations will become ever more reliant on third-party vendors and processing partners in 2017. However, profitability can no longer trump security when it comes to collaboration.
5) InfoSec teams will give up on perimeter security, and instead adopt a data-centric approach
Data is flowing through and beyond organisations at an unprecedented speed, and this will only continue to accelerate in 2017, especially with the growing adoption of outsourcing, a global/mobile workforce, and the use of innovative (but perhaps not IT-sanctioned) technologies such as Enterprise File Sync and Share (EFSS). These trends mean that the security of the infrastructure and the devices storing sensitive data becomes far less important, as the information is likely present on multiple systems and devices and shared via numerous routes, many of which lead outside the traditional corporate perimeter.
The free flow of information will warrant a paradigm shift in the InfoSecurity community, which will be unable to assure the security of data as it moves across and outside corporate boundaries. Instead, InfoSecurity teams will shift their focus to securing the data itself, striving to achieve persistent security through solutions that enforce granular usage policies regardless of where the information resides.
6) Data-centric security solutions will become an InfoSecurity fundamental, joining the ranks of anti-virus and firewall technologies
The value offered by firewalls and anti-virus solutions has been on the decline. We predict that 2017 will be the year organisations acknowledge the need to secure the data itself, and not just infrastructure and devices. The shift to persistent data-centric security has already begun, with organisations making Enterprise Digital Rights Management (EDRM) capabilities a key requirement of their Enterprise File Sync and Share (EFSS) platforms. In fact, a number of vendors already jumped on the data-centric security trend in 2016, with Citrix and IBM adding Rights Management features to their EFSS and Enterprise Content Management (ECM) offerings. You can expect more vendors to follow suit in 2017, and I’d be surprised if any of the major EFSS, CASB (Cloud Access Security Broker) and Virtual Data Room (VDR) vendors hadn’t integrated EDRM capabilities into their offerings by the end of next year.
For the organisation itself, 2017 will be the year that Rights Management becomes part of an overall data-centric security infrastructure, seamlessly integrating with the organisation’s ERP, EFSS, ECM, Data Loss Prevention, Data Classification and SIEM solutions to provide automatic protection (and auditing) of information as it is downloaded, discovered and shared.
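The "persistent security through granular usage policies regardless of where the information resides" idea in prediction 5 and the EDRM-with-auditing integration in prediction 6 rest on the same mechanism: the usage policy is cryptographically bound to the document, and every attempt to open the document is checked against that policy and logged. The block below is an added example, not code from the original post or from any EDRM vendor, showing a minimal policy-bound envelope in Python. It assumes a constructed master key, a constructed sample policy and document, and (so that it runs on the standard library alone) uses an HMAC-SHA256 counter-mode keystream for confidentiality plus an encrypt-then-MAC tag over the nonce, policy and ciphertext; a production system would use a vetted AEAD such as AES-GCM with keys held by a key service.

```python
"""Policy-bound document envelope: a minimal data-centric (EDRM-style) model.

Added example, not code from the original post or any vendor product.
Construction chosen for illustration only (stdlib only): HMAC-SHA256 in
counter mode as the keystream, and an HMAC-SHA256 tag over
nonce || policy || ciphertext so the policy travels with the data and
cannot be altered without detection. Use a vetted AEAD in production.
"""
import hashlib
import hmac
import json
import os

# Constructed sample policy; in a real deployment it would come from the
# organisation's Data Classification or Rights Management service.
POLICY = {
    "users": ["alice@example.com", "vendor-analyst@example.com"],
    "actions": ["view"],          # no print/forward rights for anyone
    "expires": 1_700_000_000,     # unix time; constructed value
}


def _derive(master_key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one master key."""
    return hmac.new(master_key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF-based counter-mode keystream; the nonce must be unique per document."""
    blocks = [hmac.new(enc_key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
              for ctr in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def protect(master_key: bytes, plaintext: bytes, policy: dict, nonce: bytes = None) -> dict:
    """Encrypt the document and bind the policy to it with an integrity tag."""
    nonce = nonce if nonce is not None else os.urandom(16)
    policy_json = json.dumps(policy, sort_keys=True)   # canonical form is what gets tagged
    ct = _xor(plaintext, _keystream(_derive(master_key, b"enc"), nonce, len(plaintext)))
    tag = hmac.new(_derive(master_key, b"mac"),
                   nonce + policy_json.encode() + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "policy": policy_json, "ct": ct.hex(), "tag": tag.hex()}


def open_protected(master_key: bytes, envelope: dict, user: str, action: str,
                   now: int, audit: list):
    """Verify integrity, evaluate the embedded policy, log the decision, then decrypt.

    Returns the plaintext on allow, None on deny. `audit` collects
    (user, action, decision, reason) tuples: the feed a SIEM would ingest.
    """
    nonce = bytes.fromhex(envelope["nonce"])
    ct = bytes.fromhex(envelope["ct"])
    policy_bytes = envelope["policy"].encode()
    expected = hmac.new(_derive(master_key, b"mac"),
                        nonce + policy_bytes + ct, hashlib.sha256).digest()
    # Check the tag before trusting anything in the envelope, including the policy.
    if not hmac.compare_digest(expected, bytes.fromhex(envelope["tag"])):
        audit.append((user, action, "deny", "integrity check failed"))
        return None
    policy = json.loads(policy_bytes)
    reason = None
    if now > policy["expires"]:
        reason = "policy expired"
    elif user not in policy["users"]:
        reason = "user not authorised"
    elif action not in policy["actions"]:
        reason = f"action '{action}' not permitted"
    if reason:
        audit.append((user, action, "deny", reason))
        return None
    audit.append((user, action, "allow", "policy satisfied"))
    return _xor(ct, _keystream(_derive(master_key, b"enc"), nonce, len(ct)))


def demo():
    """Run the allow, deny and tamper cases on a constructed document."""
    master_key = b"\x01" * 32            # constructed key; use a key service in practice
    doc = b"Q3 board deck: draft figures"  # constructed sample document
    env = protect(master_key, doc, POLICY, nonce=b"\x00" * 16)  # fixed nonce for reproducibility
    audit = []
    results = {
        "vendor_view": open_protected(master_key, env, "vendor-analyst@example.com", "view", 1_690_000_000, audit),
        "vendor_forward": open_protected(master_key, env, "vendor-analyst@example.com", "forward", 1_690_000_000, audit),
        "stranger_view": open_protected(master_key, env, "mallory@example.net", "view", 1_690_000_000, audit),
        "expired": open_protected(master_key, env, "alice@example.com", "view", 1_700_000_001, audit),
    }
    # A recipient edits the embedded policy to push the expiry date out by years.
    tampered = dict(env)
    tampered["policy"] = env["policy"].replace("1700000000", "1900000000")
    results["tampered"] = open_protected(master_key, tampered, "alice@example.com", "view", 1_690_000_000, audit)
    return results, audit


if __name__ == "__main__":
    res, log = demo()
    for entry in log:
        print(entry)
```

The tampered case in `demo()` is the point of covering the policy with the tag: a recipient who edits the embedded expiry date gets an integrity failure, not an extension. The `audit` list is where the SIEM and Data Loss Prevention integration from prediction 6 would hook in, since every open, whether allowed or denied, produces a record regardless of which system or device the document was opened on.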
Top Security Predictions for 2017
In 2017 we predict a move towards stronger legislation combined with securing the data at the source. These will be two imperative shifts in the fight against the litany of unceasing data breaches. As hackers take a more targeted approach, pursuing higher-value breaches beyond credit cards and social security numbers, we can no longer rely on just securing the infrastructure or devices. And as new collaboration technologies and the use of outsourcing continue to grow at breakneck speed, it will be virtually impossible to keep up with hackers unless organisations evolve their infrastructures to support a data-centric security model.