ISACA Now Blog


2018 Predictions for Cyber Security

Ravikumar Ramachandran, CISA, CISM, CGEIT, CRISC, CISSP-ISSAP, SSCP, CAP, PMP, CIA, CRMA, CFE, FCMA, CFA, CEH, ECSA, CHFI, MS (Fin), MBA (IT), COBIT-5 Implementer, Certified COBIT Assessor, ITIL-Expert & Practitioner, Account Security Officer, DXC Technology, India
Posted at 3:02 PM by ISACA News | Category: Security

With rapid digitization and the inter-networked world leading to a huge data explosion combined with the relentless growth of transformative technologies, the importance of cyber security – now and in the future – is unquestionable.

As 2018 approaches, here are my top five predictions for cyber security in the coming year:

  • Huge demand for security professionals with evolving and grounded expertise
  • Stringent global regulations
  • Ransomware, DDoS attacks and cyber warfare
  • Explosion of threats, vulnerabilities and IoT
  • Privacy and ethics concerns for big data, and back to basics

Huge demand for security professionals with evolving and grounded expertise
Industry requires skilled cyber security professionals who can not only meet the current challenges, but also evolve continuously with the changing technology landscape and with the associated threats and vulnerabilities. Some of the top skills needed in the context of the evolving threat scenario are as follows:

  • Data analysis, data governance and enterprise IT governance
  • Data analytics, data science and big data management
  • Cognitive computing and artificial intelligence
  • Strong knowledge to address ransomware and evolving IoT connectivity issues and mobile access
  • Application security and knowledge of defensive software engineering
  • Strong knowledge of regulatory guidelines

Stringent global regulations
The General Data Protection Regulation (GDPR), an EU regulation, will become applicable to every country in the world in May 2018. Organizations that fail to comply can be fined up to 4% of annual global turnover or €20 million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements, such as not having sufficient customer consent to process data or violating the core of privacy-by-design concepts. Given the serious implications, GDPR will be a priority for boards of directors around the globe.

Ransomware, DDoS attacks and cyber warfare
Ransomware, more specifically the category known as crypto-ransomware, encrypts certain important files on infected systems and forces users to pay a ransom through online payment methods to get the decryption key. Payments are normally demanded in cryptocurrencies such as bitcoin; however, payment does not guarantee that files will be decrypted.

Ransomware has spread across the world and become a profitable business model. This trend will escalate as long as users don’t follow best practices and systems remain unpatched.

DDoS poses a serious threat to organizations worldwide, especially when they lack the resources and the bandwidth to handle the large network traffic. The threat of DDoS will be accentuated by the increased usage of Internet of Things (IoT) connected devices in the enterprise, which, when left unsecured, can become pathways as well as slave nodes and add to the DDoS traffic stream.

As a consequence, cybercrime will flourish, and it could be used by powerful nations to initiate and develop highly refined and targeted attacks against targets of national value belonging to other countries.

Explosion of threats, vulnerabilities and IoT
Due to exponential growth of innovative technologies, lots of new vulnerabilities will be introduced.  However, the highest risks will still come from well-known and well-understood vulnerabilities. SANS estimates that over 80 percent of cyber security incidents exploit known vulnerabilities. Gartner comes in much higher, estimating that “through 2020, 99 percent of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year.”

As if this is not sufficient, Cisco estimates that IoT will account for nearly half of connected devices by 2020, as cars, refrigerators, medical devices and gadgets not yet imagined or invented will link in, which will lead to the tremendous growth of threats and vulnerabilities in 2018 and the years to follow.

Privacy and ethics concerns for big data, and back to basics
Too much data is entering enterprises, and with the advent of big data, organizations now come across new types and formats of data, many of which are not structured like traditional data. Various types of sensors generate data in various formats and in huge volumes that must be monitored. Hopefully, GDPR will serve as a guidepost for exercising compliance while leveraging big data.

More often than not, cyber security issues are due to internal processes and people. In 2018, organizations the world over must spend more on security awareness and training for their employees so that preventive measures are exercised by them and incidents are raised when required. Basic security hygiene such as the patching of servers and updating software versions will rightfully gain greater prominence.

Author’s note: The views expressed in this article are the author’s own and do not represent those of the organization or of the professional bodies with which he is associated.


Comments

Thank you

Very well defined predictions with great explanations. Thanks for sharing your predictions!

I would like to get more information about the GDPR compliance issue. How, by whom, and when will there be a checking process for making sure that an organization is compliant with GDPR? Will there be any independent company/group/party responsible for GDPR compliance of all EU countries/organizations?
Vusal SALMANLI at 12/8/2017 1:08 AM

Digital Currency and blockchain

Dear Sir,

It would be great if you could help us by providing a small note on digital currency and blockchain, please.

Thanks and best Regards,

Ijaz
Ijazul at 12/11/2017 1:18 AM