2015 was quite a year! Hacks and ransomware got personal. APT attacks and cybercrime-as-a-service became widespread. The scary future of IoT hacking became a reality with the demonstration of self-driving car hacks. And a new threat vector, mobile devices, was materializing. Below are my insights on what we are going to see this upcoming year:
1. Ransomware prevalence will continue to soar and be a threat to individuals, as well as to corporations. Ransomware is easily available for sale on the Dark Web and relatively inexpensive compared to the potential profits gained. Given this fast and easy ROI, I expect ransomware to expand into additional operating systems and to mobile devices.
2. The demand for cybersecurity solutions on mobile devices will increase dramatically. As seen with StageFright, Android operating systems will continue to be a ground for lucrative attacks. Attacks on iOS will not lag behind, and hackers will try to extend the reach of their attacks beyond jailbroken devices. I believe that the forecasted increase in the penetration rate of mobile payment technologies will also serve as one of the key drivers for this trend. Furthermore, with all the attacks we have seen on Android OS in 2015, I suspect we will see a major breach originating from a mobile device attack sometime in 2016.
3. Traditional endpoint protection and antivirus vendors will start integrating Endpoint Detection and Response (EDR) capabilities. EDR seems to be the natural next step for endpoint protection and antivirus vendors, who will have to update the visibility and protection capabilities of their legacy solutions. I expect to see quite a lot of activity both in in-house R&D efforts and through mergers and acquisitions of smaller players. It will be no surprise to see one of the leading EDR vendors get acquired by one of the larger players in the antivirus/endpoint protection arena.
4. Managed Security Services (MSS) offerings will become common practice. We will witness more and more IT Integrators and Mobile Network Operators (MNOs) introducing MSS offerings, especially to accommodate the growing shortage of security professionals.
5. Industrial networks will be more prone to targeted cyber-attacks. As ICS/SCADA networks shift and connect to more common communications protocols, we’ll be seeing more attack attempts on industrial networks and infrastructure.
6. The evolution of IoT will result in more attacks on smart devices. According to consulting firm McKinsey & Company, the predicted potential economic impact of the IoT will reach $11.1 trillion per year in 2025. In my opinion, there is a high probability that in 2016 we’ll encounter a life-threatening IoT hack, with a key focus on cars, healthcare devices and wearables. As seen with the Hello Kitty and VTech hacks, the impacts of the hacks will most likely be dramatic and go beyond financial damage to sensitive data leaks.
7. A rise in demand for cyber insurance. As awareness increases, the demand for cyber insurance will expand to SMBs. However, the coverage offered will remain restricted due to the limited capability to assess insurance premiums.
8. Retailers will start investing more resources in POS terminals. POS attacks, such as the recent Hilton and Hyatt hotel breaches, continue to grab headlines and will continue to do so. As a direct consequence of these high-scale attacks and the severe damages they inflict, retailers are realizing the importance of investing more resources to protect their POS terminals.
9. SMBs will become a bigger consumer of cybersecurity solutions. SMBs are increasingly targeted by cyber-attacks because they are perceived as low-hanging fruit. The scale of security spending by SMBs will increase as cyber threats and their business impact become common knowledge. This will be facilitated by the increase in advanced cybersecurity solutions offered with cloud management.
10. The focus of cybersecurity will continue shifting from detection to prevention. With APT attacks on the rise and the daily growth of zero-day vulnerabilities, endpoint security solutions offering detection without genuine prevention no longer suffice. The need for quicker post-breach prevention analysis will surface as key in enterprise security methodologies. Additionally, the increase in new attacks that can evade sandboxes, and the prevention limitations inherent in detection-based dynamic forensics (most EDRs), give rise to cybersecurity solutions that can provide real-time prevention and not just detection.
With this in mind, it makes sense to approach security differently this year and not limit your security needs to just detection, which can still leave you open to harm. That’s hardly a solution. Prevention needs to be addressed in real-time, which will help companies avoid becoming the next news headline.