17 Security Experts Share Predictions for the Top Cyber-Trends of 2017

IT security experts predict a proliferation of high-profile cyber-security threats in 2017 as governments and enterprises use new technologies to thwart attacks.

Bill Berutti, president of cloud and security automation at BMC, predicts that hackers taking the path of least resistance will drive greater vigilance. In 2017, security and operations teams must collaborate even more closely, he said, as hackers will continue to take the path of least resistance by exploiting common, unpatched vulnerabilities to gain access to organizations and their critical data. With many software publishers now releasing critical patches “in bulk,” hackers now have more time than ever to exploit new vulnerabilities.

Darren Guccione, co-founder and CEO at Keeper Security, predicts that cyber-attacks and data breaches within small and medium-sized businesses (SMBs) will increase dramatically in 2017. SMBs, he said, need to invest in strong security defenses or risk going out of business.

James Maude, senior security engineer at Avecto, predicts container isolation will see wider recognition for its security benefits. He expects an accelerating migration of corporate applications from riskier legacy application architecture to container-hosted apps.

Miguel Contreras, head of information security, data privacy and compliance at iManage, predicts that in 2017, analytics will shine a light on internal threats. As data breaches continue making headlines and challenging businesses to elevate their security measures, he expects a growing awareness in 2017 around the danger of internal threats. Non-disclosure agreements (NDAs) no longer will be sufficient to ensure the safety of confidential or proprietary information. Instead, Contreras believes more businesses will start employing analytics tools to monitor when data is being accessed, by whom and for what purpose.

Markus Jakobsson, chief scientist at Agari, predicts an increase in hybrid attacks for 2017. A hybrid cyber-attack involves more than just a single threat vector. For example, a hybrid attack can include deceptive email to deliver malware and then DDoS to complicate recovery from a malware attack. This type of attack enables online criminals to carry out their crimes and then hide their tracks, he said.

Chase Cunningham, director of cyber operations at A10 networks, expects that upstream providers increasingly will be targets for attackers in the new year. The DDoS attack launched against DNS provider Dyn, which resulted in knocking out many major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to the end customers. Attacks on upstream providers, he noted, cause ripple effects that interrupt service—not only for the provider, but also all of their customers and users. The attack on Dyn set a dangerous precedent and likely will be emulated several times over in the coming year, he said.

Tom Kellermann, CEO of Strategic Cyber Ventures, predicts that rising geopolitical tensions will serve as the harbinger for destructive cyber-attacks in 2017. In 2017, Kellermann expects the United Cyber Caliphate and AQAP (Al-Qaeda in the Arabian Peninsula) will demonstrate advances in their cyber-campaigns, while Chinese hackers will increase cyber-attacks in response to U.S. Navy maneuvers in the South China Sea.

Brian NeSmith, CEO of Arctic Wolf Networks, predicts that cyber-insurance will become a line item on IT budgets. “We know by now that businesses should be worried not about if they will be breached, but when,” NeSmith said. “As more organizations accept this reality and consider how they will recover from potentially crippling financial losses of a data breach, incident response plans are evolving to include cyber-insurance.”

“There will be a shift in focus from broad-based attacks to more targeted attacks against specific firms or individuals,” predicts Scott Petry, CEO at Authentic8.

Phil Dunkelberger, CEO of Nok Nok Labs, predicts that mass hacking of IoT devices will get worse in 2017, before vendors get their act together. “IoT is the weakest link into the home, and thousands of consumers are going to find their accounts compromised and their bank accounts pilfered just because they thought it would be fun to automatically dim the lights in their bedroom,” he said.

Shehzad Merchant, CTO of Gigamon, predicts that the role of nation-states in cyber-warfare will change and grow. “In a world that’s been dominated by traditional military might, cyber may become a great equalizing force,” he said. “No longer does it require a huge army to knock out a national power grid or inflict significant physical damage.”

“More organizations will appoint a C-level executive (CISO) to elevate risk to the executive level, and the role of the CISO will shift, moving beyond that of compliance monitor to drive a change in culture,” predicts Adnan Amjad, partner at Deloitte Cyber Risk Management.

Don Foster, senior director of solutions marketing and technical alliances at Commvault, predicts organizations will take ransomware more seriously and implement ways to rapidly identify compromised content and automate its recovery. “Ransomware has proved to be one of the most-effective ways to infiltrate an organization, and cyber-criminals are increasingly becoming better at embedding viruses into innocent-looking email attachments,” he said.

“This coming year, we’ll see more DevOps teams adopt compliance-as-code in order to reduce the reporting and maintenance overhead that all regulated entities have to endure,” predicts Tim Prendergast, CEO of evident.io. “As more companies move production workloads to the cloud, it will become imperative that they adapt their processes and tools for compliance to avoid making the audit process even more cumbersome.”

“In an effort to combat terrorism and expand surveillance, at least one Western government will follow Russia’s lead and mandate access to encryption keys and certificates,” Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, predicts. “The potential impact of these decisions can’t be overstated—widespread government access to encrypted communications has the potential to demolish internet privacy and devastate security.”

“A big trend I see is a focus on service resilience, i.e., making it so that a DDoS can melt one provider or one data center, but your service will automatically migrate to another site that can serve the same content,” predicts Daniel Miessler, director of advisory services at IOActive. “I expect resilience, as opposed to prevention, will become more talked-about.”

“We can expect the unexpected,” predicts John Bambenek, threat systems manager at Fidelis Cybersecurity. “I never would have predicted last year that we would be talking about the DNC and hacking of elections. Expect new trends to come out of left field.”