Story image

LogRhythm divulges eight key predictions for cybersecurity in 2018

05 Dec 2017

​With the new year on our doorstep, LogRhythm has released its eight key IT security predictions for 2018.

LogRhythm’s Simon Howe says the main security concern for enterprises is securing and protecting their valuable assets.

“This has mostly been achieved this year through visibility of what has been stopped and responsiveness to new or emerging threats. WannaCry is a good example of security professionals having been able to demonstrate their preparedness to deal with a simple threat,” says Howe.

“At the same time, cybercrime has become an ever-increasingly serious and growing threat to both consumers and businesses.  In 2018, I believe that there will be good news in that security will continue to be discussed outside of IT departments and more often than not at the board level which will only increase its priority in investment for the benefit of consumers, shareholders and employees.”

Here are LogRhythm’s eight key predictions for the industry:

1. A new record for the largest data breach settlement will be set
Anthem currently holds the record at US$115 million over a 2015 cyberattack that compromised data on 78.8 million people

2. New U.S. and Australian legislation will be introduced to regulate activities related to privacy data and protection.
In response to continued fallout from the Equifax breach, the U.S. government will introduce new legislation (similar to GDPR) around privacy data protection that will mandate how companies must protect privacy data information.

Australia is also now less than three months out from the launch of the mandatory data breach notification laws which will have a significant impact on the overall risk and compliance strategies which both private and public sector organisations put in place in the year ahead.

3. Cyberwar campaigns between North Korea and the United States will emerge from the shadows and escalate, directly impacting the public for the first time.
The U.S. and North Korea have been carrying out cyberattacks against each other for years and ramping up their digital aggression. Largely in private.  Tensions will continue to escalate, and the public will be impacted for the first time.

4. IoT devices will become a more frequent target for Ransomware attacks and cyber extortion. 
Ransomware will continue to be a popular hacking method. Hackers will expand into new vectors and targets, impacting the everyday use of IoT. 

5. Drones will be exploited much more often as a cybersecurity threat vector.
Despite existing restrictions to mandate no-fly zones, drones, like iPhones, can and will be “jailbroken.” Expect to see quite a few cases where drones are used for more than just fun.

6. DDoSaaS will become a ‘thing’, and will result in another major DDoS attack against critical infrastructure.
Hackers will use a cloud service provider, such as AWS, to administer a DDoS attack.

7. Bitcoin wallet exploits will result in massive losses of personal wealth.
Due to the increasing popularity of BTC, many individuals will have their BTC wallets hacked and potentially lose a lot of money—or worse, their life savings.

8. Kim Jong Un’s PlayStation will be hacked.

Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.