2017 was another year of major data security, data loss and hacks. These data breaches have increased pressure on business and individuals alike, to clearly focus on the importance of securing data. Whether the warnings are heeded, remains to be seen.
Colin Tankard, Managing Director of data security company, Digital Pathways, offers the following 10 predictions for the cyber market in 2018.
- A major cloud player will be shut down for 24 hours due to a cyber attack and data loss. This will trigger users to question their existing providers as to levels of encryption, where are the keys held and who in the cloud organisation has access to the keys? This will see the growth in third party security services such as Bring Your Own Key (BOYE) will be the mantra, as companies will no longer trust a single cloud vendor and will spread their data around a number of providers to lower the overall risk of data outage.
- IOT security will remain weak, even with the launch of light encryption. This will be due to manufactures still using old chipsets that have security flaws.
- Email security will be one of the fastest growing areas in data security as ‘man-in-the-middle’ attacks increase and more companies are fined, due to leaked data from intercepted emails or, rouge emails being received spoofing to be legitimate.
- There is likely to be a grave shortage of skilled staff in order to plug the GDPR need, especially in the rise of the Data Protection Officer, now mandatory within the GDPR regulations.
- Voice recognition will be widely deployed as a form of two-factor authentication, given the improvements in Siri, Alexa, Cortana and Google.
- At present around 31% of companies pay ransom-ware demands. This will reach 50% in 2018.
- File-less attacks will be the new attack Trojan. These viruses reside in the memory of the PC and remain there until it is rebooted. Normal AV will not detect these attacks.
- Come May 2018 only 10% of companies will be ready for GDPR and, by the end of the year, we will see the first companies closing due to having to meet the considerable fines.
- Social engineering attacks will increase as a way to get into an organisation. The targets will be young members of staff who tend to be less controlled about what is viewed, or interacted with, online. This will lead to an increase in detection systems being deployed inside an organisation so as to spot unusual behaviour, both in people and systems.
- We will all start calling our cars KIT as we move into the driverless era!