Cybersecurity: What’s in Store for 2017?
The cybersecurity battlefield is evolving rapidly, so analyzing threats from the last year can help experts anticipate trends that may emerge in coming months.
Here’s a cybersecurity forecast for 2017:
Securing the Internet of Things (IoT)
Many companies, including large defense contractors, are focusing their resources on securing IoT devices. Nest thermometers, Fitbits, Wi-Fi-enabled cars—new internet-connected devices hit the market all the time, but they generally lack sufficient security. If these devices are to be used in enterprise and corporate networks, ensuring their integrity will be a priority for many chief information officers. Many smaller consultancies will also begin to focus on securing these devices in our homes. For more information, check out our blog, “Certified Security by Design: Securing Devices in the IoT Era.”
Demand for Qualified Talent
Cybersecurity professionals are in demand. According to a recent article by CSO Online, “There will be 1.5 million cybersecurity job openings by 2019, up from 1 million in 2016. By 2019, the demand for cybersecurity professionals will increase to approximately 6 million globally.” Companies and governments will constantly look for exceptionally talented professionals who are not only technically proficient, but who also are able to think critically and analytically. Employers will look for candidates with academic credentials.
Cloud Service Security
Traditionally, viruses, malware and ransomware have targeted workstations, servers and mobile devices. However, emerging threats are beginning to specifically target cloud services. So, instead of disrupting physical devices, adversaries will attack services like Gmail, Dropbox and iCloud. Attacks could maliciously wipe data or lock account owners out and demand ransom to regain access. Providers will need to implement better security controls such as two-factor authentication and pattern-based passwords.
Hired Hitmen, aka DDoSaaS, aka Distributed Denial of Service-as-a-Service
2017 may bring more “hired hitmen” into the cyber landscape. Nefarious cyber adversaries have started to offer their services, allowing anyone to hire them to launch attacks and DDoS campaigns. An Israeli company called “vDoS” infamously sold attacks for as low as $20. The implications of such services are huge. Anyone can launch a cyberattack for the right price—it’s the “democratization of DDoS.” Law enforcement agencies will be looking for the right talent to track, locate and capture these adversaries.
DNS (Domain Name Service) provider targeting
Last October, DNS provider Dyn was attacked by a massive botnet that disrupted domain names from properly resolving. That prohibited users from reaching popular websites such as Amazon, Twitter and Spotify. It is considered one of the largest DNS attacks in history, clocking in at 1.2 terabits per second. An attack that big, affecting financial institutions, would have far-reaching implications. We can be sure to see attacks like this, and even more powerful ones, in the near future.
We know that 2017 will be a trying year for fighting cyber threats. Unfortunately, things may get worse before they get better. Skilled cybersecurity professionals can help secure infrastructures, proactively mitigate threats, and stay on top of new and unique attack vectors that will be prevalent this year and for many more to come.
About the writer:
Bobby Bermudez has over 15 years of IT industry experience, and has worked with myriad clients ranging from startups, non-profits, Fortune 500 companies and local & Federal governments. His horizontal expertise with computer, network and web technologies led him to create Symposit LLC, a boutique IT consulting firm.
Bobby received a B.S. in Decision Sciences and Management Information Systems from George Mason University, a graduate certification in Project Management from Georgetown University and a M.S. in Computer Information Systems with a concentration in Cybersecurity from Boston University. In addition he holds several other technical certifications.