||U.S.: The Top 17 Security Predictions for 2017
||Tuesday, December 27, 2016
Electronic and Mobile Government
||Jan 02, 2017
“You ain’t seen nothing yet!”
That’s the collective view from global cyberexperts as they describe the coming year of new data breaches and technology disruption that will impact every area of life.
As we exit 2016, a year in which hackers stole the show for a variety of causes, cybersecurity has risen to the top of the international priority list in areas ranging from politics to national defense and from smart homes to our global economic system. With new drones, artificial intelligence, social media websites, robots, autonomous cars, smart city infrastructure, and a plethora of Internet of Things (IoT) devices coming onto the market daily, how can we prepare for next-generation cyberattacks?
At the beginning of this year, I answered the question: Why more security predictions and how can you benefit? At the end of that article, I told readers to expect even more security predictions as we head into 2017. That has turned out to be true — with a twist.
No doubt, there are more lists looking toward the future than ever before. As I examined hundreds of technology and security articles, blogs, slideshows, videos and infographics related to upcoming 2017 events, I’ve seen a growing number of organizations prefer to name their views on the coming year as “forecasts” or “trends” or “projections.” I suppose that a “forecast” does sound more scientific — like a weather forecast that is based on mathematical models, satellites, radar and much more.
What is quite clear is that these lists contain a wide variety of content that ranges from hopes (you might even call them New Year's resolutions based on what vendors are already working on) to connecting-the-dots threat projections (based on 2015 and 2016 data) to educated guesses on security to dramatic cyberspeculations that get media attention. Security predictions are also showing up on other lists from automobile announcements to defense spending to the home toy market.
Nevertheless, I maintain my view that the security and technology industries offer tremendous value with these cyber research reports and expert analysis on threats from their best and brightest. I strongly urge technology and security pros to review these referenced lists and check them twice, in order to improve your strategic plans, product road maps, incident response scenarios and overall business operation.
For background and comparison purposes, here's a reminder of the top 15 security predictions for 2015 and the top 16 security predictions for 2016. On a personal level, understanding online risk trends within your industry is a must for ongoing career growth and maintaining security thought-leadership as well as to enable workable technology solutions.
So here’s my “Guide to 2017 Security Predictions,” for readers who want to see the specific company prediction details as we head toward New Year’s Day 2017. If you want to jump to conclusions, my cyberprediction award-winners follow at the end.
The Top 17 Security Predictions by Company
1) Symantec — The three lists of predictions that are offered by Symantec are very similar to the lists offered by others, so I offer them here (with details at their website):
Cloud Generation dynamics define the future of the enterprise
- The enterprise network will expand and become increasingly undefined and diffuse.
- Ransomware will attack the cloud.
- AI/machine learning will require sophisticated big data capabilities.
Cybercrime becomes mainstream
- Rogue nation states will finance themselves by stealing money.
- Fileless malware will increase.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS.
- Drones will be used for espionage and explosive attacks.
IoT comes to enterprise business
- The proliferation of the Cloud Generation.
- IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks.
2) Trend Micro — The list of eight security predictions offered by Trend Micro doesn’t contain any “wows,” but the explanations are again very helpful, offering in-depth explanations. Unlike some other companies, they think ransomware will plateau, but “attack methods and targets will diversify.”
They also predict that “Adobe and Apple will outpace Microsoft in terms of platform vulnerability discoveries.”
They also call out increasing “cyberpropaganda” as the use of tools and methods to influence elections and public opinion. “Most recently, we have seen platforms like WikiLeaks used for propaganda — with highly compromising materials leaked through the site just a week before the US elections. In our continuous monitoring of the cybercriminal underground, we also noted script kiddies advertise their earnings from fake election-related news. They claim to make around US$20 per month by driving traffic to fabricated smear content about electoral candidates.”
3) McAfee — This excellent white paper (in PDF format) offered by McAfee covers a wide range of trends and 2017 predictions that are worth noting. Here are a few highlights from their 14 predictions:
- Ransomware will remain a very significant threat until the second half of 2017. Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives from open source ransomware code will keep the security industry busy through the first half of the year. Ransomware’s impact across all sectors and geographies will force the security industry to take decisive actions. We predict that initiatives like the No More Ransom! collaboration, the development and release of anti-ransomware technologies, and continued law enforcement actions will reduce the volume and effectiveness of ransomware attacks by the end of 2017.
- “Dronejacking” places threats in the sky
- IoT malware opens a backdoor into the home
- Machine learning accelerates social engineering attacks
- The explosion in fake ads and purchased “likes” erodes trust
- Hacktivists expose privacy issues
- Threat intelligence sharing makes great strides
4) Forcepoint — There are 10 Forcepoint predictions, and like many other companies, they offer a webcast and a downloadable document with details. A few of their highlights include:
- Compliance & Data Protection Convergence — 2017 will be the final full year before the European Union’s (EU) General Data Protection Regulation (GDPR) is a legal requirement. GDPR demands may drive business costs higher as new data protection controls are applied and multiple stakeholders grapple with the who, when and how of data accessibility requirements.
- Rise of the Corporate Incentivized Insider Threat — A new corporate-incentivized insider threat may clash with customer data, corporate profit and other performance goals, forcing businesses to re-evaluate their corporate environments and growth strategies.
- Voice-first Platforms & Command Sharing — The rise of voice-activated AI to access Web, data and apps will open up creative new attack vectors and data privacy concerns.
5) FireEye — A slightly different approach was taken by FireEye this year. They offer good questions and related answers regarding 2017. Here are a few highlights:
“In 2017, cyber security battles may favor criminals even more as the Internet of Things (IoT) continues to expand possible avenues of attack. The 2017 security predictions from FireEye include insights on:
- What investments security organizations will make in 2017. Security integration and orchestration should be considered the benchmarks of new technology investment.
- Which industry or type of organization might unexpectedly become a target of threat groups in 2017? Religious institutions in Western countries are at the top of the list because they typically lack a robust security program yet maintain contact information and other sensitive data.
- How threat groups will continue to target industrial control systems (ICS) in the near future? A recent report revealed that security patches were not yet available for more than 30% of identified ICS vulnerabilities.”
6) Kaspersky — Kaspersky Lab predicts that 2017 will continue to see the commodification of financial attacks.
"The commodification of attacks along the lines of the 2016 SWIFT heists — with specialized resources being offered for sale in underground forums or through as-a-service schemes, will continue in 2017. As payment systems become increasingly popular and common, this will be matched by a greater criminal interest next year.
As far as ransomware is concerned, Kaspersky Lab also anticipates the continuing rise of ransomware, but with the unlikely trust relationship between the victim and their attacker — based on the assumption that payment will result in the return of data.”
7) Palo Alto Networks — The list of Palo Alto predictions for 2017 is impressive. Their items are divided into “sure things” and “longshots.” They cover many cyberareas, including our cybertalent shortage.
- A few ‘sure things’ include: “Recruiters Search for Cyber Talent Outside of Security” and “The need for non-technical security professionals will also increase.”
Longshots include: “Companies acquire other organizations to inherit talent.”
8) Watchguard Technologies — I really like the various 2017 prediction offerings via several channels from Watchguard Technologies. They offer creative predictions, infographics, YouTube videos on their top predictions and more. Here are two examples:
- First on their Watchguard list is Ransomworm, and this video below describes what that means. They also describe IaaS as an attack platform and surface and new steps in a global cyberwar leading to a civilian casualty.
I also like this infographic listing 2017 predictions from Watchguard Technologies.
9) Imperva — There has consistently been a good list of predictions from Imperva over the years. This year they offer:
- Botnet of Things
- Ghosts from the past
- Cyber Fatigue
10) Beyond Trust — There are 10 cybersecurity predictions offered by BeyondTrust. They lead with this bold item: “The first nation state cyber-attack will be conducted and acknowledged as an act of war.”
They also list Tor v2, cloud-based attacks, and: “Behavioral technologies, such as pressure, typing speed and fingerprints, will be embedded into newly-released technologies.”
11) Checkpoint — There are Checkpoint predictions for mobile, industrial Internet of Things (IIoT), critical infrastructure, threat prevention and the cloud from Checkpoint. “An attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses. While generally disruptive, it would be used as a means to impact a specific competitor or organization, who would be one of many affected, making it difficult to determine motive. There will also be a rise in ransomware attacks impacting cloud-based data centers.”
12) Forrester — The list of 2017 predictions from Forrester covers every major enterprise area, but details need to be purchased. In the cybersecurity area, they predict that risks will intensify. They also say, “Security And Skills Will Temper Growth Of IoT.” (Note that both Gartner and Forrester are using these predictions as lures to buy their more in-depth prediction analysis.)
13) Gartner — Always known for their ability to put next percentages next to their predictions, Gartner offered these free security predictions regarding the next 2-4 years several months back. More recently, Gartner offers these free mobile security predictions — with advice attached.
- The first significant finding in the report is that, “Mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism.
- Now is the time to start your Mobile Threat Defense (MTD) initiative.
- No EMM? Mobile Threat Defense protects employees and eliminates privacy concerns.
14) White Hat Security — Some very interesting predictions here, including this one from Dan Lacey:
Nothing will change. “Attackers will continue to discover and exploit zero-days. Companies large and small will continue to lose data and money to the usual attacks, often because they didn’t take basic security precautions. Individuals will continue to lose money in the usual ways, often because they lack basic knowledge of Internet safety. Manufacturers will continue to produce Internet-connected devices with no security, or easily by-passable security, enabling attackers to hijack them. Someone might pass laws mandating that new Internet of Things devices have security, but those laws will be unenforceable and impossible to apply retroactively. No one will deploy a better authentication system than passwords.”
15) Sophos — Here is another example of cybersecurity trends for 2017 from Sophos, which reads a lot like other lists, staring with: “Destructive DDoS IOT attacks will rise.”
- But at the same time, they offer this on encryption’s downside: “As encryption becomes ubiquitous, it has become much harder for security products to inspect traffic, making it easier for criminals to sneak through undetected. Unsurprisingly, cybercriminals are using encryption in creative new ways. Security products will need to tightly integrate network and client capabilities, to rapidly recognize security events after code is decrypted on the endpoint.”
16) IDC – And if you are not depressed yet, IDC leads with: ‘2017 will be worse in every aspect of information security’
This report, which was focused on Africa, also predicts more consolidating and outsourcing of security – which seems likely in other parts of the world as well.
17) IBM – The twelve predictions offered by IBM were a mix of industry experts and their own internal security leaders in various industries. They lead with more adoption of intelligence-led approaches to threats. Full disclosure: I am one of the experts included in the IBM list, with one of my predictions regarding fake news and online deception.
And for a few added extra predictions to check out, Dark Reading offers eight bold security predictions, including the LogRhythm prediction from CISO James Carder that the entire Internet will go down for a day. Also on the list – Tripwire’s prediction that 2017 will bring the return of the worm.
I also like Microsoft’s blog describing 17 women with predictions for 2017 and also for 2027.
Other good security prediction write-ups that I’ve seen include: Forbes.com, Betanews, The Register (UK), CIO.com on hiring, Computerworld, RSA, ITWorldCanada, Gigamon CTO Shehzad Merchant, ESET and Above Security.
2017 Prediction Wrap-Up
Almost everyone is saying that things will get worse in cyberspace before they get better. Most also think we are years away from meaningful, lasting cybersecurity answers. Still, our security industry progress is measured in small victories in many subcategories.
(As a side note, I have decided to cut back on the cyber prediction awards this year, offering only a few closing perspectives and trends regarding industry predictions.)
And yet, here are a few (see details earlier in article):
Most Creative — Watchguard Technology’s ‘Ransomworm’
Most Scary — LogRhythm prediction from CSIO James Carder that the entire Internet will go down for a day.
Most Common and Likely — More Internet of Things (IoT) Malware leading to more DDoS attacks. (It’s already happening.)
Most Dull (yet also insightful) — Dan Lacey, White Hat Security: ‘Nothing will change.’
There is no doubt that the most common security predictions include an increase and expansion of cyberthreats against the cloud, more IoT attacks leading to disruptions, more (and different) ransomware and an increase in nation-state/cyberwar issues cutting across international lines.
What's missing? Companies have again held back on predicting a major Cyber Pearl Harbor or Cyber 9/11 type event, but many did predict that cyberterrorism will be growing more destructive in 2017. There is also a lack of government cybersecurity predictions covering what the new Trump Administration might do in the coming year. Finally, I was surprised that we didn't see more of a spotlight on 'bug bounties' or coordinated vulnerability disclosure programs - which I think will surge in government and other industries in the next few years.
For a wider view on global security trends in 2017, I encourage readers to take a look at the 2017 Global Forecast from the Center for Strategic & International Studies (CSIS). This website offers many in-depth insights, along with a 107-page report that covers many security topics, including cybersecurity.
In conclusion, the cybersecurity market is growing rapidly. According to cybersecurityventures.com market report, “We anticipate 12-15 percent year-over-year growth through 2021. ...
The U.S. government has increased its annual cybersecurity budget by 35 percent, going from $14 billion budgeted in 2016 to $19 billion in 2017. This is a sign of the times and there’s no end in sight. Incremental increases in cyber security spending are not enough. We expect businesses of all sizes and types, and governments globally, to double down on cyber protection.”
So despite some less than encouraging predictions regarding online safety and security, the future looks bright in 2017 for those who can offer workable solutions to solve security problems in cyberspace.
As Thomas Edison reportedly said last century: “Opportunity is missed by most people because it is dressed in overalls and looks like work.”
And, "There's a way to do it better — find it."
(BY DAN LOHRMANN)