In looking back at 2017, one of the enduring outcomes is that cybersecurity cemented its place in the national conversation.
Though there were a number of major cyber breaches or hacks in the past year, the most far-reaching and potentially devastating was from Equifax. Yahoo Finance reports that over 145 million people were impacted, with stolen data ranging from contact information to Social Security numbers.
The breaches impact consumers as well as businesses, which can face dire consequences if not adequately prepared for such attacks. BizVoice magazine looked at cybersecurity concerns and efforts in two recent editions (find those stories here and here). We interviewed Nathan Stallings of Matrix Integration for one of those stories; the technology infrastructure and advisory company assists its clients in preparing for and preventing such attacks.
Stallings shares his “Top 10” cybersecurity predictions for 2018:
- Resources (people and money) for preventative and proactive measures will continue to shift from the network perimeter to within the network. Network Access Control (NAC), network segmentation, and Security Information and Event Management (SIEM) products and/or services will be the top three solutions for most organizations.
- Cloud security will become even more important as workloads transition to the cloud, whether public, private, or hybrid. The challenge will continue to be defining the security responsibilities of the cloud provider versus the organization.
- Companies will begin to shift their cybersecurity strategy from “prevent and protect” to “detect and recover”. I believe that there is a risk of moving too far away from “prevent and protect” which, in turn, will make “detect and respond” exponentially more difficult. The best strategy is a well-designed combination of the two approaches.
- Ransomware will be significantly worse. Variations of WannaCry and NotPetya along with Ransomware as a Service (RaaS) will result in at least a doubling of the number of ransomware incidents from 2017. The cost of ransomware damages globally will likely exceed $5 billion in 2017 and will be substantially higher in 2018. There were approximately 4 million ransomware attacks in 2015, 638 million in 2016, and the estimate for 2017 is a 250% increase. The number for 2018 will be well over 2 billion attacks. Organizations should focus on prevention methods like security awareness training, detection methods like managed security services, and recovery. Recovery may well be the most important and relies heavily on the ability to fully eradicate the ransomware and having a sound data back-up strategy.
- Security awareness training of staff and contractors will become increasingly important as hackers turn away from direct attacks on network infrastructure and web applications and target the end-users with sophisticated “phishing” techniques.
- Significant attacks on Internet of Things and personal assistant/artificial intelligence will increase dramatically.
- The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) will continue to gain widespread acceptance and adoption because it is designed to complement, not replace, an institution’s risk management process and cybersecurity programs.
- More PCI compliance audits for credit card transactions as the PCI DSS compliance requirements become even more stringent.
- Additional high-profile breaches as large organizations continue to fail at the fundamentals of cybersecurity.
- Large healthcare organizations will continue to struggle to balance patient care, the needs of physicians and other medical personnel to quickly access critical information, and patient privacy with cybersecurity fundamentals.
If your company isn’t prepared to stop a cyberattack, is it prepared to recover from one? An old saying seems applicable for this new challenge: “An ounce of prevention is worth a pound of cure.”