Key trends taking place over 2016

Cybersecurity expert Gerard Bauer, VP EMEA at Vectra Networks, offers some thoughts on key issues for the coming year.

  • 9 years ago Posted in
"The shortage of security researchers and incident-response personnel will get worse.
The dire need for security researchers and incident response personnel is growing faster than the available talent pool. This will prompt organisations to rely on the automation of manual, time-consuming security tasks. It’s the only practical short-term way to free-up the thinning ranks of security teams to focus on critical and strategic security work.
 
"Organisations will realise that algorithms – not Big Data – are the key to detecting and mitigating active cyber attacks.
To combat cyber attacks that evade perimeter security, enterprises are collecting petabytes of flow and log data in hopes of detecting attacks. These systems turn into unwieldy analysis projects that typically detect an attack only after the damage is done, wasting valuable time and money. Threat detection algorithms will play a significant role in making Big Data more useful and actionable.
 
"The European Union will be forced to back-off privacy protection rules and consider mandatory breach reporting.
The old security paradigm is that someone’s data traffic must be inspected to determine the presence of a cyber threat or attack, resulting in the potential for privacy violations. However, new innovations in data science, machine learning and behavioural analysis will enable protection while preserving privacy.
 
"Cyber attackers will increasingly use mobile devices to get inside enterprise networks.
Stagefright vulnerabilities on Android were just a preview of things to come. And threat researchers recently claimed a $1 million bounty for remotely jailbreaking iOS. They’ve both been the target of malicious ad networks and trojan apps. Users of these infected mobile devices – whether personally-owned or company-issued – can easily walk through the front door and connect to enterprise networks, exposing critical assets to cyber attackers.
 
"SSL decryption becomes more difficult
Attackers increasingly target and compromise certificate authorities as part of sophisticated man-in-the-middle attacks. This leads more applications to enforce strict certificate pinning, and consequently make the inspection of SSL encrypted traffic far more difficult for traditional security products.
 
"Ransomware will focus more on holding enterprise assets hostage and less on individuals.
Ransomware will take on a new, larger role by concentrating attacks on enterprises, holding critical asset hostage in return for even bigger money. Attackers love  ransomware because it offers a more direct path to cash and is more profitable by eliminating the complex network of criminal fencing operations.
 
"Eastern European sources will mount an increasing number of targeted attacks against government and big business.
Whether mounted by sophisticated criminal organisations or nation states, cyber attacks from Eastern Europe will continue to grow. More high-profile organisations will publicly apologise for cyber breaches that compromise personal information, intellectual property and even classified data, causing significant embarrassment and damage to their reputations."
By Barry O'Donnelll, Chief Operating Officer at TSG.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Milou Lammers, Director of Compliance, iland.
By Brett Beranek, Vice-President & General Manager, Security & Biometrics Line of Business at...
By Michael Queenan, co-founder and CEO of Nephos Technologies.
By Tawnya Lancaster, Lead Product Marketing Manager, AT&T Cybersecurity.
Why businesses need a bigger boat for tackling IaC security By Robert Haynes, SCA & Open Source...
Cybersecurity continues to be a major challenge for companies, with as many as four in ten...