Bain discusses: “2017 has ushered in a wave of disruptive developments for the cyber security industry. With cyber-attacks at an all-time high, the industry has begun to analyse emerging trends across the world, casting an eye over what has played out over the last 12 months.
“Perhaps the most notorious discussion point has been ransomware. Ransomware has seen a huge rise in popularity among attackers, as they have come to understand that most organisations would rather pay the ransom to retrieve their data rather than concede that their security had been breached to the general public. Readers may recall the WannaCry attack earlier this year, which hit the National Health Service (NHS) impacting computers in more than 150 countries. In fact, the 2017 Verizon Data Breach Report states that ransomware is now the fifth most common type of cyberattack, and experts suggest this will remain a critical threat in 2018.”
Bain continues: “Another security threat that was popular this past year centred around threats within mobile environments. The top enterprise apps of today: Uber, WhatsApp Messenger, Facebook Messenger, have all been found to present a large risk to enterprise data. The astronomical rise in popularity and use of personal mobile devices has led to a ‘bring your own device` culture being employed in today’s enterprise model, which leads to susceptibilities. Skycure reported that just over one in five (21 per cent) of organisations have attributed a breach in their data to the BYOD culture.
“Adding to this, the security implications of IoT applications has also been on the minds of everyone this past year. While a connected society enhances both personal and professional lives, it also brings forth a host of security issues that have been witnessed in 2017. Integration of IoT applications bring several major security challenges, such as the fact that many IoT products are not built with proper security measures at the design level, or that many come with default passwords that are never updated, and most importantly, that many IoT devices come with old or unpatched operating systems, leaving them open to risks. Fortinet’s Threat Landscape Report documents that for the second quarter of 2017, 90 per cent of organisations recorded attacks on vulnerabilities that were at least three years old, despite patches and updates being available. Understanding where those weakness points are will be critical in addressing any future challenges.
“Finally, tying this altogether, we’ve seen the cyber security space suffer a global shortage of professionals who have the specialised skills to address the increasing threats of ransomware, mobile security, and the security of devices within the Internet of Things. This lack of specialised professionals has dominated conversations in 2017 over how to improve the security workforce outlook. For security professionals to prepare for future technological assaults, it will be important to address this issue, so the industry can better understand how and why cyberattacks have developed, in order to help prevent them.”
Bain concludes: “As the end of 2017 nears, it is clear it has been an eventful year for the cybersecurity industry. It is important to take a careful look at these growing trends and see where, why and how hackers are spending their time. By examining and learning from past attacks, we can better understand the steps we need to take for improvement.”