As with previous years, 2016 saw no shortage of data breaches. Looking ahead to 2017, the Information Security Forum (ISF), a global, independent information security body that focuses on cyber security and information risk management, forecasts businesses will face four key global security threats in 2017.
"2016 certainly lived up to expectations," says Steve Durbin, managing director of the ISF. "We saw all sorts of breaches that just seemed to get bigger and bigger. We lurched from one to another. We always anticipate some level of it, but we never anticipate the full extent. I don't think anybody would have anticipated some of the stuff we've seen of late in terms of the Russians getting involved in the recent elections."
The ISF says the top four global security threats businesses will face in 2017 are the following:
- Supercharged connectivity and the IoT will bring unmanaged risks.
- Crime syndicates will take quantum leap with crime-as-a-service.
- New regulations will bring compliance risks.
- Brand reputation and trust will be a target.
"The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of trusted organizations," Durbin says. "In 2017, we will see increased sophistication in the threat landscape with threats being tailored to their target's weak spots or threats mutating to take account of defenses that have been put in place. Cyberspace is the land of opportunity for hacktivists, terrorists and criminals motivated to wreak havoc, commit fraud, steal information or take down corporations and governments. The solution is to prepare for the unknown with an informed threat outlook. Better preparation will provide organizations of all sizes with the flexibility to withstand unexpected, high-impact security events."
The top four threats identified by the ISF are not mutually exclusive. They can combine to create even greater threat profiles.
Supercharged connectivity and the IoT bring unmanaged risks
Gigabit connectivity is on the way, and it will enable the internet of things (IoT) and a new class of applications that will exploit the combination of big data, GPS location, weather, personal health monitoring devices, industrial production and much more. Durbin says that because connectivity is now so affordable and prevalent, we are embedding sensors everywhere, creating an ecosystem of embedded devices that are nearly impossible to secure.
Durbin says this will raise issues beyond privacy and data access: It will expand the threat landscape exponentially.
"The thing for me with 2017 is I describe it as an 'eyes-open stance' we need to take," Durbin says. "We're talking about devices that never ever had security designed into them, devices that are out there gathering information. It's relatively simple to hack into some of these things. We've seen some moves, particularly in the U.S., to encourage IoT manufacturers to engineer some level of security into their devices. But cost is an issue, and they're designed to link."
Sign up for Computerworld eNewsletters.