15 Emerging Trends in the Security Sector for 2016

Security professionals offer their thoughts on emerging security trends for which the industry and enterprises in general need to be prepared in 2016.

As cyber-attack tools and services become increasingly commoditized, the cost of attacking an organization is dropping dramatically, enabling more attacks that do not have financial gain as the primary focus. Sophisticated hacktivist collectives such as Anonymous have been joined by relatively unsophisticated cyber-vigilantes. Organizations need to realize that financial gain is no longer the only or even the biggest driver of some of their adversaries. Security operations and risk managers should evolve their understanding not only of the threat, but also of what, why, where and how they are being targeted.—Amit Yoran, CEO of RSA

Organizations will begin to realize that not only is their data being accessed inappropriately, but it is being tampered with and manipulated. Data drives decision making for people and computer systems. When that data is unknowingly manipulated, those decisions will be made based on false data. Consider the potentially devastating consequences of misrepresented data on the mixing of compounds, control systems and manufacturing processes.—Amit Yoran, CEO of RSA

Cyber-criminals enjoyed continuous success with new ransomware variants in 2015. This business model of victims paying to get their files back has proved to work, as law enforcement even hints that this may be the only solution. For this reason, we can expect more ransomware copycats (malware authors reusing source code from a malware family to develop their own version) to emerge in 2016. Just as we saw many offshoots from the Zeus banking Trojan, ransomware variants are likely to emerge and compete against one another. However, we can also foresee a major arrest or takedown of one or more ransomware gangs.—Jerome Segura, Senior Security Researcher, MalwareBytes

Cyber-criminals have abused online advertising to target their victims and distribute malware efficiently, benefiting from the rise in zero-day exploits. As ad networks continue to struggle to shut down rogue advertisers, the number of attacks will increase and impact large publishers. Malvertising is also getting “smarter” and being served to the right people. Traditionally, we’ve seen malvertising in banner ads, but in the coming year, we may also see more malvertising in video ads and perhaps via HTML5 as a new infection vector. Ad blockers have started a much needed debate over ad quality, security and the overall user experience. Whether they will be enough to change practices that have been going on for over a decade remains to be seen.—Jerome Segura, Senior Security Researcher, MalwareBytes

Cyber-crime costs the global economy $445 billion a year, according to researcher Allianz. 2015 was no exception, and 2016 won’t be either if businesses aren’t ready to go on offense. Creating and implementing predictive defense systems will be more critical than ever as companies’ reliance on online systems continues to increase, facilitating a high-risk environment for hacks. Systems that continuously detect, prevent, analyze and respond to threats will be in high demand.—Mani Gopalaratnam, Global Head of Innovation and Technology, Xchanging

The number of serious security breaches and incidents will continue to expand rapidly, especially for second-tier enterprises that have been slower to roll out aggressive defenses. The unfortunate reality is that the number of vulnerabilities and potential hack points increase exponentially each year. Every new release of every application, operating system or device increases the number of exploit opportunities for cyber-criminals. Plus, hacking tools are better than ever at finding openings in older, legacy products. So look for an increase in data breaches in 2016, especially among smaller organizations that haven’t deployed the latest generation of security tools. Hackers will always go after the weakest link. If they determine that the big guys have toughened up, they’re just going to go after easier targets: the smaller enterprises.—Idan Tendler, CEO, Fortscale

2016 will be the year the phrases “corporate homicide” and “drive-by hackings” enter the common lexicon. These will be the types of attacks that are described as politically or ideologically focused—think “V for Vendetta”—where shadowy groups target financial, insurance, government, political, gender and similarly divisive organizations (Planned Parenthood, NRA, etc.). The intent of these hacks will fall into one of three momentous categories: hack for profit, hack for destruction and hack for political momentum. —Art Gilliland, CEO, Skyport Systems

This will become an important part of adaptive and user authentication. As a result, the ability to analyze keystroke dynamics, mouse movements and touch-based interaction will become a viable and valuable way to verify the true ownership of credentials (versus an external bad actor who has compromised legitimate credentials).—Keith Graham, CTO of SecureAuth

Cloud-based security is improving as sophistication and intensity of cyber-attacks accelerate. Unlike disjointed on-premises security solutions, the cloud offers security defenses with better threat visibility, shared intelligence across customers and agile software that enables rapid adaptation to emerging threats. The dissolving network perimeter has also created severe challenges in terms of capacity, manageability, adaptability and coverage of IT security appliances. Business will need to kick their security appliance addiction because the need for IT to securely connect an increasingly cloud-centric and mobile-first workforce is not aligned in an appliance-based model, which is designed for fixed locations and a static workforce.—Shlomo Kramer, CEO, Cato Networks

In 2016, there will be a large increase in both the privacy and threat exposure of wearable devices, medical devices and smart cars. Examples include hacking into cars’ computers to cause a massive incident on the road; stealing PHI data from systems monitoring patient medical devices; and accessing personal information about a user’s electrical and water usage in their home.—Rohit Gupta, CEO, Palerra

Your phone will become more important than your password for security. The password as it is used today is possibly the single largest security problem on the Internet. Multifactor authentication, particularly on mobile, will become the new norm.—Kevin Mahaffey, CTO, Lookout

More and more companies are full-speed ahead on cloud, but so far, security has lagged. There’s a gap between where cloud security budgets are and where they should be based on overall security spending. According to Gartner Research, companies allocate only 3.8 percent of cloud spending to security, compared with 11 percent from overall IT budgets. In 2016, budgets for cloud security will outpace overall IT security spending as companies play catch-up.—Rajiv Gupta, SkyHigh Networks

2016 will shine a light on fundamental issues with cloud access security brokers (CASBs) that were overlooked as organizations allowed uncontrolled access to ad-hoc applications such as Box, Dropbox and Google Drive. Among the overlooked issues are that it adds another disparate layer to the security management stack, and many of the functions offered by CASB are available in solutions already deployed and understood by the enterprise.—David Goldschlag, SVP of Strategy, Pulse Secure, and co-founder of Tor.

This industry has a plethora of data that cyber-criminals want—credit reports, personally identifiable information (PII), donor money, tuition money, etc. And these institutions are not doing an adequate job of securing all their systems. Add to that the myriad “customers”—namely professors, students, parents and administrators—and you have magnified the attack vectors exponentially.—Andy Grolnick, President and CEO, LogRhythm Labs

A key new one involves the European Union, which will drive enterprises to create specific roles around ensuring the integrity of their data. Roles such as a data protection officer or chief risk officer will evolve, but in either case, they will need to adapt their strategy around being the hunter and not the hunted. This will mean they make use of threat intelligence and next-generation security solutions to detect intrusions earlier.—Chuck Leaver, CEO, Ziften