Cybersecurity in 2017 was a long, winding road with many surprising obstacles. Every other week, there seemed to be a new widespread cyberthreat wreaking havoc, followed by the emergence of new or improved security technologies to counter the attack. We saw an influx of Internet of Things (IoT) hacks, increasing nation-state attacks globally, massive breaches caused by missed website patches that would have been easy to apply, the prominence of artificial intelligence (AI) in security, and crippling worldwide ransomware and customer data theft attacks.
So what new cyber twists and turns can we expect in 2018? Based on the past year’s trends, Comodo’s panel of cybersecurity and threat experts compiled their top predictions on what new risks will be introduced, what new technology is needed to stop cybercriminals’ evolving techniques, and what areas organizations should focus their resources on in 2018.
VP of Cybersecurity Carlos Solari focuses on the need for smart infrastructure security as the technology becomes more and more common:
- “Smart cars need smart roads…which need smart-secure IT/OT infrastructures. Seeing, hearing, reading all the buzz and the impressive investment dollars behind the start of smart cars reminds me of when we thought that personal computers were the answer to take on the monolithic mainframe. That was in the 1970s.
- Fast forward to the present, and we now see that they needed an infrastructure – call it the internet in all its manifestations of protocol adoption, ethernet, websites, cloud data centers, mobile devices, etc. Smart cars serve as just one example. Were these PCs and their connections to the internet infrastructure made secure, at the earliest point of the OSI stack and TCP/IP implementations? No. That started late, and it remains in catch-up mode.
- We are at the moment of massive changes coming from robotics, IoT, and yes, even smart cars. They will succeed when they are coupled with smart roads and smart IT/OT infrastructures. That is the prediction. Now to the question. Think we should make them secure…before it’s too late?”
VP of Threat Labs Fatih Orhan explores SSL certificate reach, malware protection technology advancements and IoT:
- “SSL certificates will be everywhere. Phishing sites will be even more prevalent, and we’ll see more phishing sites with valid SSL, especially with the lowered requirements to obtain free certificates.”
- “Cybercriminals became more organized, and they act ‘as a service’ (aaS). Companies will also demand more security products ‘as a service’ to keep up—plus to maintain lower costs and increase efficiency.”
- “Malware attacks become even more complex every day, and security products will follow suit. More machine learning and AI-based solutions will, therefore, join the market in 2018.”
- “Ransomware is continuing to be a major threat for consumers and SMEs. Just look at WannaCry, BadRabbit and NotPetya in 2017. New products specific to this malware type will be developed by companies that want to protect against ransomware.”
- “IoT security is becoming a real concern, and every device is at risk. We need to be as vigilant with these types of devices as we are with PCs and servers. IoT devices and networks should be scanned for viruses and malware and have their firmware and operating systems checked as standard procedure. Security products should aim to protect even sensors.”
VP of Security Journeys Steven A. Menges explains why 99% effective protection from new malware is good…but not nearly good enough for the year ahead:
- “Tolerance for 98-99% effective malware solutions will wane, and organizations will demand 100% prevention and protection.
- The industry stubbornly sticks to an outdated ‘default allow’ approach that permits some new, unknown applications and files to run with unfettered access to system resources, welcoming sophisticated new threats with open arms. In sharp contrast, a solution featuring a ‘default deny’ security posture blocks and denies entry to those unknowns until they can be ruled out as new malware. Some solutions do this and automatically wrap unknown applications/executables in an isolated container so the user can open it in a safe environment during the analysis, which provides that default deny protection, but with the default-allow usability desired by businesses.
- When it comes to files, applications and other code knocking at your endpoint doors, you should fear the unknown, at least until you understand it. Adopt ‘default deny’ and simply keep them out (or safely contained) until you know they’re not a new threat, and address that last 1%.”
Though we can’t see the future, these predictions should offer a helpful glimpse into this year’s cyberthreats and security trends.