North Korea’s Got Talent And Other Cyber Security Challenges We Face In 2018

27/12/2017 12:27 GMT | Updated 27/12/2017 12:27 GMT

Cataclysmic security breaches pulverising businesses like Equifax and Uber have been a big feature of the last 12 months, along with evidence that hackers in states such as North Korea are targeting organisations in Europe and North America.

In 2018 we can expect cyber-criminality of all kinds to continue its exponential growth, affecting almost every organisation on the planet. How will we, or should we, react? Here are some predictions for the next 12 months:

1. Innovation will be vital to counter the cyber security talent-drought

There is no question that the severe shortage of cyber security professionals will continue to hamper businesses trying to protect themselves. The lack of qualified staff is predicted to rise to 1.8 million in the next five years and we know that two-thirds of companies struggle to recruit staff with sufficient expertise.

In the absence of talent, businesses will have to adopt more innovative security technology. Emails remain the single biggest source of infiltration by criminal malware and a technology such as file-regeneration offers immediate protection without requiring a roster of expert in-house personnel.

2. Automation will continue to transform cyber security

It is increasingly recognised that responses to security breaches and other incidents are badly slowed down by manual processes.

As a result we are likely to see large organisations automating security analytics and operations, largely because security involves so many mundane tasks.

Automation offers immediate gains across cyber security. With emails, for example, advanced solutions can automate the minute examination of every attachment against the manufacturer’s standard so that only a sanitised document, free of malware, is admitted to an organisation’s system. Decisions on whether to click open an attachment are no longer left to the harassed employee.

3. The growth of the IoT will necessitate further re-thinking of security

The Internet of Things (IoT) extends the security border of an organisation way beyond its physical boundaries. Consider how many internet-enabled devices are part of an electricity grid.

Smartphones, tablets, smart fridges, home security systems and even home heating systems are also part of the IoT and vulnerable to compromise.

An assault on the core infrastructure of the internet could have a massive effect, particularly if it is linked to terrorism. The best defence is to keep malicious code out of an organisation’s network in the first place, rather than relying on outdated anti-virus defences, which can never pick up the kinds of malware criminals are devising every hour.

4. Blockchain will be no cyber security panacea

It is tempting to think that blockchain fits perfectly into a defence-in-depth approach to security. Ready-made data-encryption capabilities are starting to address blockchain’s data confidentiality and access-control challenges along with authentication and authorisation applications.

But blockchain provides little utility in threat-detection or active defence, so organisations throughout 2018 will find they need other more proven and tested forms of technological innovation to protect themselves from the millions of malware variants launched every year.

This has to go alongside an overall cyber security programme that includes a governance framework and a change in mindset within the entire organisation.

5. State-sponsored hacking will force organisations to update cyber defences

There’s no question that state-sponsored or arm’s-length hacking groups are on the increase and have abundant resources. The forensic finger is now pointing almost non-stop at North Korea, Russia and China, while Iran and Israel have joined the list of states widely suspected of dubious cyber activity. The devastating attacks on the Ukrainian power network last year demonstrated how state-backed hackers will disrupt national infrastructure, given the chance.

In 2018 state-resourced groups will continue to target service-providers as a backdoor to enterprise-level targets, moving sideways inside and between organisations while leaving little or no trace.

Organisations must think hard about how to protect themselves from zero-day attack triggers. Relying on traditional anti-virus techniques in 2018 could be a critical error, given the malware variants being launched in their millions yearly.

6. GDPR will wake everyone up to security requirements

Although the rush to achieve GDPR compliance is already underway, legal challenges are likely to proliferate as many businesses are caught failing to fulfil their responsibilities to EU citizens whose personally identifiable data they hold.

It is likely, however, that the regulators will not inflict the full rigour of available penalties where organisations have failed through poor implementation of processes.

The same may not be true of compromised organisations seen as failing to fulfil the GDPR’s requirement for state-of-the-art technology to be in place. Fines of up to €20 million or four per cent of turnover may be levied if it is felt an example should be made.

The first half of 2018 should be when the laggards finally address their major security loopholes.

7. The small print – why innovation will trump cyber insurance in 2018

Cyber insurance is a growth market, but do not rely on it to cover all your losses if your business is hacked. In the course of the year it will become apparent to many organisations that advanced security technology is a much better investment, given the devastating financial impact of a breach.

Relying on cyber insurance to cover every cost is a vain hope, as is reliance on the kind of conventional anti-virus security many insurers seem to feel comfortable with.