Cybersecurity took a large hit in 2017 with notable breaches at Equifax and Anthem. Although the IT community was working hard to stop threats, these breaches showed were vulnerabilities still existed. No matter how tough you believe your security to be, every business out there is expected to increase their efforts in 2018. The 2017 IT Risks Survey
by Netwrix found that many businesses still struggle with gaining visibility into activities by users within their own IT environments, causing a higher risk of internal breach. Companies have to be protected from internal threats and external threats, while understanding how new technologies like IoT, AI, blockchain and automation impact security. It’s a complex security environment. Let’s discuss the major cybersecurity predictions businesses should be aware of this year.
Compliance May Become More Difficult
In 2018, compliance will get tougher as security threats increase. With data being used in new ways, new regulations are being put into place
to combat cybercrime. This includes the NIST Special Publication 800-171, which came into effect for the United States in December of last year, which protects controlled unclassified information. Compliance laws also come with harsh penalties for those who choose to ignore them. These changes will cause businesses to put even more effort into their cybersecurity in order to stay on the up and up.
POS Devices Will Be Targeted
According to Forrester
, “Many merchants have updated their payment systems to use end-to-end encryption and prevent criminals from obtaining credit card data from point of sale (POS) systems. This has led criminals to turn to ransomware as a means of monetizing an attack, as opposed to stealing and selling data.” Instead of gaining access to credit cards, attackers can use ransomware to completely shut down a company’s POS system, halting operation within the entire company. A company that is stuck may be willing to pay a ransom to get their POS back. With new advancements in security, businesses should be able to combat ransomware more effectively this year.
Security with Blockchain
Blockchain is known for being extremely secure, using encryption for the cloud and on-premise software. Blockchain also offers tamper detection and transactional integrity, making it a great choice for security. This year, blockchain will take on cybersecurity by offering many different options, as stated by Forrester, “Blockchain will become a foundational technology
for: 1) certificate issuance and authentication; 2) IDV; 3) malware and ransomware protection via binary reputation checks; and 4) document authenticity and integrity verification. Those are just the immediate use cases.”
AI Plus Analytics Will Equal Improved Security
According to Netwrix, “The growing adoption of technologies like user and entity behavior analytics (UEBA) will enable organizations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs.” Artificial intelligence alongside data analytics
will help improve security by learning about the location of security holes and suspicious actions throughout the company’s software. These two technologies together will help IT departments be proactive, learning where potential breaches could exist and preventing them through making the necessary changes.
A New Approach to Security Decisions
When it comes to breaches, whether internal or external, fast decision making can be the deciding factor in the outcome. In 2018, more companies will begin using the Gartner’s CARTA approach or continuous adaptive risk and trust assessment. The CARTA approach helps decision makers improve their security measures before the risk, by assessing their security needs and developing a plan first. CARTA will only run efficiently with the use of analytics, something that is also set to improve this year. Kasey Panetta with Gartner
states, “Analytics will speed up detection and automation will speed up response time, acting as a force multiplier to scale the team without adding people. Analytics and automation ensure enterprises focus limited resources on events with the highest risk and the most confidence.” With resources focused on higher risk events, businesses are poised to properly deal with breaches should they occur. In 2018, cybersecurity is a hot button item, perhaps the highest on the list. Advancements will occur that change the face of security for businesses within the United States, alongside potential breaches that will test our IT strength. Only time will tell what this year holds.