Security Experts Predict Prominent Cyber-Trends for 2017 | eWeek

17 Security Experts Share Predictions for the Top Cyber-Trends of 2017

Cyber-threats
Dec 27, 2016
5 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


1 - 17 Security Experts Share Predictions for the Top Cyber-Trends of 2017

IT security experts predict a proliferation of high-profile cyber-security threats in 2017 as governments and enterprises use new technologies to thwart attacks.


Hackers Take the Path of Least Resistance

2 - Hackers Take the Path of Least Resistance

Bill Berutti, president of cloud and security automation at BMC, predicts that hackers taking the path of least resistance will drive greater vigilance. In 2017, security and operations teams must collaborate even more closely, he said, as hackers will continue to take the path of least resistance by exploiting common, unpatched vulnerabilities to gain access to organizations and their critical data. With many software publishers now releasing critical patches “in bulk,” hackers now have more time than ever to exploit new vulnerabilities.


SMBs Will Be a Target

3 - SMBs Will Be a Target

Darren Guccione, co-founder and CEO at Keeper Security, predicts that cyber-attacks and data breaches within small and medium-sized businesses (SMBs) will increase dramatically in 2017. SMBs, he said, need to invest in strong security defenses or risk going out of business.


Advertisement

Container Use Will Grow

4 - Container Use Will Grow

James Maude, senior security engineer at Avecto, predicts container isolation will see wider recognition for its security benefits. He expects an accelerating migration of corporate applications from riskier legacy application architecture to container-hosted apps.


Analytics Will Shine Light on Internal Threats

5 - Analytics Will Shine Light on Internal Threats

Miguel Contreras, head of information security, data privacy and compliance at iManage, predicts that in 2017, analytics will shine a light on internal threats. As data breaches continue making headlines and challenging businesses to elevate their security measures, he expects a growing awareness in 2017 around the danger of internal threats. Non-disclosure agreements (NDAs) no longer will be sufficient to ensure the safety of confidential or proprietary information. Instead, Contreras believes more businesses will start employing analytics tools to monitor when data is being accessed, by whom and for what purpose.


Hybrid Attacks Will Increase

6 - Hybrid Attacks Will Increase

Markus Jakobsson, chief scientist at Agari, predicts an increase in hybrid attacks for 2017. A hybrid cyber-attack involves more than just a single threat vector. For example, a hybrid attack can include deceptive email to deliver malware and then DDoS to complicate recovery from a malware attack. This type of attack enables online criminals to carry out their crimes and then hide their tracks, he said.


Upstream Providers Become Targets

7 - Upstream Providers Become Targets

Chase Cunningham, director of cyber operations at A10 networks, expects that upstream providers increasingly will be targets for attackers in the new year. The DDoS attack launched against DNS provider Dyn, which resulted in knocking out many major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to the end customers. Attacks on upstream providers, he noted, cause ripple effects that interrupt service—not only for the provider, but also all of their customers and users. The attack on Dyn set a dangerous precedent and likely will be emulated several times over in the coming year, he said.


Advertisement

Cyber-Attacks Will Rise With Geopolitical Tensions

8 - Cyber-Attacks Will Rise With Geopolitical Tensions

Tom Kellermann, CEO of Strategic Cyber Ventures, predicts that rising geopolitical tensions will serve as the harbinger for destructive cyber-attacks in 2017. In 2017, Kellermann expects the United Cyber Caliphate and AQAP (Al-Qaeda in the Arabian Peninsula) will demonstrate advances in their cyber-campaigns, while Chinese hackers will increase cyber-attacks in response to U.S. Navy maneuvers in the South China Sea.


Cyber-Insurance Will Become Part of IT budgets

9 - Cyber-Insurance Will Become Part of IT budgets

Brian NeSmith, CEO of Arctic Wolf Networks, predicts that cyber-insurance will become a line item on IT budgets. “We know by now that businesses should be worried not about if they will be breached, but when,” NeSmith said. “As more organizations accept this reality and consider how they will recover from potentially crippling financial losses of a data breach, incident response plans are evolving to include cyber-insurance.”


Expect More Targeted Attacks

10 - Expect More Targeted Attacks

“There will be a shift in focus from broad-based attacks to more targeted attacks against specific firms or individuals,” predicts Scott Petry, CEO at Authentic8.


More IoT Attacks Are Coming

11 - More IoT Attacks Are Coming

Phil Dunkelberger, CEO of Nok Nok Labs, predicts that mass hacking of IoT devices will get worse in 2017, before vendors get their act together. “IoT is the weakest link into the home, and thousands of consumers are going to find their accounts compromised and their bank accounts pilfered just because they thought it would be fun to automatically dim the lights in their bedroom,” he said.


The Role of Nation States in Cyber Warfare Will Change

12 - The Role of Nation States in Cyber Warfare Will Change

Shehzad Merchant, CTO of Gigamon, predicts that the role of nation-states in cyber-warfare will change and grow. “In a world that’s been dominated by traditional military might, cyber may become a great equalizing force,” he said. “No longer does it require a huge army to knock out a national power grid or inflict significant physical damage.”


Advertisement

Organizations Will Embed Cyber-Security into Their Corporate Culture

13 - Organizations Will Embed Cyber-Security into Their Corporate Culture

“More organizations will appoint a C-level executive (CISO) to elevate risk to the executive level, and the role of the CISO will shift, moving beyond that of compliance monitor to drive a change in culture,” predicts Adnan Amjad, partner at Deloitte Cyber Risk Management.


Ransomware Isn’t Going Away

14 - Ransomware Isn't Going Away

Don Foster, senior director of solutions marketing and technical alliances at Commvault, predicts organizations will take ransomware more seriously and implement ways to rapidly identify compromised content and automate its recovery. “Ransomware has proved to be one of the most-effective ways to infiltrate an organization, and cyber-criminals are increasingly becoming better at embedding viruses into innocent-looking email attachments,” he said.


Compliance-as-Code Emerges as a Top DevOps Priority

15 - Compliance-as-Code Emerges as a Top DevOps Priority

“This coming year, we’ll see more DevOps teams adopt compliance-as-code in order to reduce the reporting and maintenance overhead that all regulated entities have to endure,” predicts Tim Prendergast, CEO of evident.io. “As more companies move production workloads to the cloud, it will become imperative that they adapt their processes and tools for compliance to avoid making the audit process even more cumbersome.”


More Government Access to Encryption Keys and Certificates

16 - More Government Access to Encryption Keys and Certificates

“In an effort to combat terrorism and expand surveillance, at least one Western government will follow Russia’s lead and mandate access to encryption keys and certificates,” Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, predicts. “The potential impact of these decisions can’t be overstated—widespread government access to encrypted communications has the potential to demolish internet privacy and devastate security.”


Advertisement

Resilience More Important Than Prevention

17 - Resilience More Important Than Prevention

“A big trend I see is a focus on service resilience, i.e., making it so that a DDoS can melt one provider or one data center, but your service will automatically migrate to another site that can serve the same content,” predicts Daniel Miessler, director of advisory services at IOActive. “I expect resilience, as opposed to prevention, will become more talked-about.”


Expect the Unexpected

18 - Expect the Unexpected

“We can expect the unexpected,” predicts John Bambenek, threat systems manager at Fidelis Cybersecurity. “I never would have predicted last year that we would be talking about the DNC and hacking of elections. Expect new trends to come out of left field.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.