Every year we seem to see more disastrous cybersecurity headlines and 2016 was no exception. We saw our healthy dose of data breach and ransomware stories and on top of that, the web’s most popular sites were taken out by the Mirai botnet in one of the biggest DDoS attacks and there were allegations of Russia tinkering with the U.S. elections. What’s abundantly clear is that the IT security officer’s role is becoming more critical than ever for businesses in the 21st century.
As we’ve seen in the past, 2017 will look to be an even busier year for cybersecurity professionals. New threats will emerge, old threats will still linger and there will be a steady flow of cybersecurity issues in the news. Below we’ve compiled our top three predictions of where we see security headed in the coming year.
Industrial IoT hacks will rise
The Industrial Internet of Things (IIoT) will be a more predominant topic in 2017. The mechanical engineering and automotive industries who already have the know-how to integrate components with security mechanisms, such as cryptographic keys deep into the devices, will be tested. The Mirai botnet illustrated the potential flaws in unsecured endpoints and IIoT could be a fertile ground for hackers to set their sights. Successful security implementation against attacks will depend on two main factors – considering IT security approaches much earlier in the development phase and the need for the two separate worlds, IT and industry, to grow together.
Internet of Vulnerabilities
In the coming year, IT managers will be looking to know more about the number of connected devices being utilized on their organization’s network. As we saw with the BYOD (bring your own device) movement, while cost effective, companies saw that using personal devices resulted in sensitive company data landing outside of the protected corporate environment. This is not just a security issue, but also a compliance issue. This will also be the case with the increasing adoption of connected devices and applications in the enterprise. Which IoT devices are in the network? Where is the end user located? What company data could be at risk? Add on top of this, employees bringing their own IoT devices to work, from wearables to other devices all connecting to the network. Unambiguous identification, authentication or encryption and clear security guidelines will be essential.
Security governance and regulations
Though the EU-U.S. Privacy Shield, designed by the U.S. Department of Commerce and European Commission to protect the transfer of personal data between the European Union and the U.S, is currently being reviewed by the European Court of Justice (ECJ), it’s a move in the right direction. Irrespective how Privacy Shield plays out, in 2017, we will see more movement in the space. Companies and organizations are on the safe side when they encrypt sensitive information as closely as possible to the data source and set up an unbreakable vault for key management. For example, hardware-based security elements, such as smartcards, tokens, and hardware security modules, provide the trusted foundation for infrastructure-based security.
These are just three of the many topics we will be tracking in 2017. Regardless how big a factor these play out next year, cybersecurity professionals will continually be challenged to anticipate and stay ahead of the rising tide of threats.
Meghana Shendrikar/Maryam Nabi
OneChocolate for Utimaco
+1 415 989 9803