Cyber Security And The Challenges In 2018
As we move into the year 2018 we see how the cyber security is getting tough. Criminals are innovating their modus operandi to breach the systems. We have seen how in 2017 they were a step ahead. The evolution is going on. Taking a cue from what happened to Equifax, Verizon, Kmart the organizations that suffered a massive breach and loss of reputation. According to Ponemon “if you seek a silver lining in the cloud, perhaps you’ll be glad of the news that the global average cost of a data breach is down 10 percent over previous years to $3.62 million.”
According to Michelle Drolet, star Advisor, Contributor, CSO here are some of the challenges and threats that we are most likely to encounter in 2018.
General Data Protection Regulation
If your preparations for the European Union’s new GDPR, explaining how companies should process, store, and secure the personal data of EU citizens are not complete, or at least well underway, then you better get moving. The GDPR will be enforced from May 25, and infringements can provoke fines of up to 20 million euros or 4% of the total worldwide annual turnover of the preceding financial year.
Artificial Intelligence and machine learning
As AI and machine learning is going to play a major role in cybersecurity. The tussle with cybercriminals is always about who is first, and taking into account of all that attacks in 2017 machine learning will prove to be a blessing. Why, because ML can accurately predict and identify attacks instantly and it is going to be a boon for the cyber world. Professionals need to be honed with the skills so they stay ahead, anyway the criminals are going to catch up with these technologies.
Be alert about Ransomware
Ransomware is here to stay for a while and in 2017 it created quite a havoc, but it is predicted that they are going to target high-value victims. We are not sure how many of them have learned the consequences of WannaCry kind Ransomware, but looks like the business owners are yet not fully prepared to deal with it in case of another attack. What is needed is the patching and updating of the system regularly to avoid getting into such situation. This one simple step if taken care a lot of this Ransomware issue can take care of.
Data Breaches and how you handle it
Well, it may be a tough call to eradicate data breaches fully, but business and other organizations can obviously block and be safe if they handle it carefully. We saw what happened to Equifax, they failed to fall in line and never bothered to update their system with the patches. If only they had heeded what was conveyed to them things would have been different. You not only lose business, but also trust and reputation.
The Weak Link IoT
The it sounds like a geek technology that has the power to execute things, and plus the artificial intelligence it can be one of the efficient tools to empower humankind. It remains the most vulnerable technologies, with dozen sensors and devices attached to it. This gives the hackers a clear access since most the devices are configured poorly with weak credentials. The attacker uses botnet to exfiltrate stolen data, while looking for vulnerabilities. It needs to be secured thoroughly, before it becomes a major medium for the data breach in 2018.
Developing a common language
The need to form an organization like NIST cybersecurity framework. Unitedly all will form a common language and as we create and adapt to that, it will introduce a collective mechanism as a defense against cyber attacks. This looks like a big statement which needs like-minded people to sit and think how they are going to implement it in the coming year 2018.
Application Testing and Patching
When we move into 2018, we should have taken some clue of what had happened a year before. People failed to update and patch their systems. Providers failed to see the vulnerabilities in their OS, letting criminals made use of those flaws. So identifying problems is not enough, but there should be application testing tool which is often ignored. if everyone brainstorms and put their efforts to keep their system updated with regular patch releases, we can see some drop in data breaches for many years.
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.