The year 2016 was definitely not the best year for cybersecurity. A series of headline-making data breaches like those at MySpace, LinkedIn, Friend Finder Network and Mossack Fonseca have proven that hackers are currently beating organizations in the field of data protection. In 2017, the situation is unlikely to get better; rather, we will see an increase in sophisticated attacks that force organizations to seek new ways to safeguard their businesses against growing cyber threats.
Netwrix looks at the cybersecurity trends and threat patterns that are most likely to affect organizations in 2017:
1. Connected systems and devices
Increasingly connected infrastructures and the widespread adoption of IoT will bring new security risks and expand the surface for cyber attacks. Hackers will likely try to exploit vulnerabilities within smart systems to gain access to organizations’ critical assets, and they may even put people’s lives in jeopardy (e.g., by sabotaging self-driving cars).
2. Cloud hacks
According to the Netwrix 2016 Cloud Security Survey, cloud is gaining traction, with the number of organizations using the technology increasing from 43% in 2015 to 68% in 2016. However, growing volumes of sensitive data stored in the cloud will stimulate hackers to invent new ways to compromise IaaS and SaaS providers. Another disturbing trend will be a rise in DDoS attacks targeting cloud and hosting service providers, which are already called a “new ransomware” and may potentially make CISOs more reluctant to use cloud technologies.
3. State-sponsored attacks
Culprits backed by nation-states will remain a headache for governments and businesses alike, due to their ability to perform large-scale attacks without being noticed. State-sponsored hackers will use ever-more sophisticated techniques to sabotage elections, bring disorder to business operations and steal information about projects of national significance.
4. Machine learning
Machine learning has amazing potential in the cybersecurity field, but in 2017, this technology will be of great interest to hackers as well as IT pros. While organizations will use machine learning as a tool to improve detection of anomalies in user behavior, generate threat predictions and remediate security issues, culprits may use its algorithms as a weapon to enhance social engineering attacks or perform vulnerability scanning.
5. New security regulations
The growing market demand for stronger security will force regulatory bodies to develop new compliance standards and legislations in response to the latest cybersecurity attacks and better insider threat detection. At the same time, organizations will likely increase their use of self-regulatory procedures to regularly monitor their own adherence to standards.