It’s that time of year again. A time to make some vague or very specific estimate/guesstimate of the things likely to disrupt us in a negative way in 2018.
If you want to know what cyber threats we will face in the next year, look no further.
Well not quite…information security predictions should ideally help guide decisions about where to invest resources, but instead they are often ‘over dramatised’ to attract attention and clickrate.
For example drone hacking in 2016, like 2017 was and 2018 will be…a theoretical issue.
It is safe to say these issues will be on the 2018 list… the top threat trends for 2018 are: a continued increase in ransomware, more attacks on Bitcoin users and companies, more exploitation of the internet of things (IoT), new nation state attacks, General Data Protection Regulation which is set to be implemented in the EU next year, more use of machine learning, and lots suggesting company budgets for infosec need to increase !
We may well see a return to securing applications instead of building complex, expensive and defence strategies for APT (advanced persistent threat) attacks – suggesting developers will be focusing on common threats for their specific products, rather than trying to guard against highly sophisticated attackers such as a state sponsored hacking group.
Infosec hasn’t changed a huge amount in the past 20 years since I’ve been active in it. At a macro level, we still hear about data loss, weak passwords, and failure in service availability combined with vulnerabilities that weren’t patched or missed for months at a time.