Greg Day, Vice President and Chief Security Officer for EMEA, Palo Alto Networks shares the predictions and recommendations for Cyber Security in 2018
This time of the year is always a chance for a little reflection on the past 12 months, and – perhaps more importantly – what is likely to happen next. Here are some of my thoughts on what I think we’ll see kicking off in the coming year, along with suggestions for how to manage these risks.
Cyberattacks’ impact will change – With some of the ransomware attacks in 2017, it is clear that cyber incidents are now having real-world, physical impact on people. In this context, the role of security leaders, such as the CSO, must evolve. If there is harm to citizens due to technology failure, there will likely be public requests to understand if and why there was neglect, who bears responsibility, and what relevant actions must be taken.
Twenty-year old first principles are finally reset – In 20 years, practitioners have strived to solve every problem. However, significant changes in IT consumption models – dynamic, agile systems that are increasingly disposable in nature and based around subscription billing – mean that businesses will no longer continue to buy and build separate siloed cybersecurity solutions. Functioning in such dynamic environ-ments requires cybersecurity to be native and automated, to work and adapt at the same pace. Cyber adversaries will extend further into ransomware, OT systems and cryptocurrencies
- In recent years we have seen ransomware used for profit. While continuing to be financially focused, I believe ransomware will also start to do more data analysis. The volume of OT is growing at pace, whether that is factory systems or automated drones, and we have yet to see the impact of such systems coming under direct attack. Finally, with the growing popularity of cryptocurrencies, we can expect to see more mal-ware focused on stealing account information to empty these next-generation accounts.
Credential theft will target weak collaborative cloud points in the supply chains of all kinds of businesses – Businesses must start to consider what information they include in these spaces, how they validate the use of connected third parties so they can spot anomalous behavior, and look at how they segregate such connection points from more critical, internal business systems, using methodologies such as the Zero Trust model.
Focus on responsibilities and accountability – The number of organizations and processes is increasing, which widens the scope for error, and therefore requires increased understand-ing and visibility of where responsibilities and accountabilities reside. The likely outcome is that every business will be looking at contract details and regulatory requirements, to be clear where these lie. They will also be looking to keep richer audit trails and logs, detailing each transaction to be able to validate when, where and why incidents happen.
Significant new EU regulation will hit the streets – Like any new legislation, it will take time for businesses to understand the impact the regulations will have on their business. All carry potentially significant penalties for infringement, so 2018 will be a big year for businesses in coming to grips with what each of these mean when it comes to applying cybersecurity and managing ongoing requirements.
Takeaway – your 2018 resolution: cyber-security must be more agile – If we are to scale for the future, we need to refocus our time and resource usage, so only the minority is spent on sustaining legacy, and the majority is supporting the exponential agility our businesses are embracing. As such, consider a New Year’s resolution to detox your legacy to ensure you can embrace your future.