With the new year on our doorstep, LogRhythm has released its eight key IT security predictions for 2018.
LogRhythm’s Simon Howe says the main security concern for enterprises is securing and protecting their valuable assets.
“This has mostly been achieved this year through visibility of what has been stopped and responsiveness to new or emerging threats. WannaCry is a good example of security professionals having been able to demonstrate their preparedness to deal with a simple threat,” says Howe.
“At the same time, cybercrime has become an ever-increasingly serious and growing threat to both consumers and businesses. In 2018, I believe that there will be good news in that security will continue to be discussed outside of IT departments and more often than not at the board level which will only increase its priority in investment for the benefit of consumers, shareholders and employees.”
Here are LogRhythm’s eight key predictions for the industry:
1. A new record for the largest data breach settlement will be set
Anthem currently holds the record at US$115 million over a 2015 cyberattack that compromised data on 78.8 million people
2. New U.S. and Australian legislation will be introduced to regulate activities related to privacy data and protection.
In response to continued fallout from the Equifax breach, the U.S. government will introduce new legislation (similar to GDPR) around privacy data protection that will mandate how companies must protect privacy data information.
Australia is also now less than three months out from the launch of the mandatory data breach notification laws which will have a significant impact on the overall risk and compliance strategies which both private and public sector organisations put in place in the year ahead.
3. Cyberwar campaigns between North Korea and the United States will emerge from the shadows and escalate, directly impacting the public for the first time.
The U.S. and North Korea have been carrying out cyberattacks against each other for years and ramping up their digital aggression. Largely in private. Tensions will continue to escalate, and the public will be impacted for the first time.
4. IoT devices will become a more frequent target for Ransomware attacks and cyber extortion.
Ransomware will continue to be a popular hacking method. Hackers will expand into new vectors and targets, impacting the everyday use of IoT.
5. Drones will be exploited much more often as a cybersecurity threat vector.
Despite existing restrictions to mandate no-fly zones, drones, like iPhones, can and will be “jailbroken.” Expect to see quite a few cases where drones are used for more than just fun.
6. DDoSaaS will become a ‘thing’, and will result in another major DDoS attack against critical infrastructure.
Hackers will use a cloud service provider, such as AWS, to administer a DDoS attack.
7. Bitcoin wallet exploits will result in massive losses of personal wealth.
Due to the increasing popularity of BTC, many individuals will have their BTC wallets hacked and potentially lose a lot of money—or worse, their life savings.
8. Kim Jong Un’s PlayStation will be hacked.