+
EDITOR’S QUESTION
SCOTT MANSON,
CYBERSECURITY LEAD – MIDDLE
EAST AND AFRICA, CISCO
/////////////////
W
e live in a world that is networked
together, where companies
rely on networked systems and
their data is stored in the cloud. The year
2018 will bring more connectivity, digital
transformation initiatives, and data to
companies, along with a number of new
cybersecurity threats and landscape changes
making cybersecurity one of the most crucial
issues that need to be addressed. Below are
my cybersecurity predictions that I believe
will continue to impact the technology
industry in 2018.
1. Shift in focus from protection to
prevention. Historically IT organisations
focused heavily on perimeter network
security to protect their networks from
cyberattacks. Protection at the perimeter
edge works well for data moving toward
the protected assets. However, recent
breaches have shown that perimeter
security alone isn’t sufficient to combat
advanced persistent threats. By focusing
on more proactive approaches, rather
than defensive, that help detect and
respond to possible threats rather than
react, it is possible to stop threats before
they expose the organisation to risk.
Your security set-up will need to focus on
detection, response, and remediation.
2. More IoT attacks will be motivated
by financial gain than chaos. It’s only
a matter of time before every house
and company is connected through the
Internet of Things (IoT). We predict that
as many as one million new connections
per hour will be added to the internet
by 2020 expanding the attack surface
and making IoT vulnerabilities more
dangerous. To meet the security
challenges of the IoT – an attack
surface that is both growing rapidly
and becoming increasingly difficult
to manage, a proactive approach to
security, and a layered defence strategy,
are the keys to protecting IoT devices
from infection and attack.
www.intelligentcio.com
3. Continued growth in the use of
ransomware and cyber-extortion
tools. Unfortunately, ransomware
attacks will almost certainly become
more pervasive and varied in 2018.
Some attacks will adhere to the brute-
force model of infect, lock and extort,
while others will be more sophisticated.
Evolutions in ransomware, such as the
growth of Ransomware-as-a-Service, will
make it easier for criminals to carry out
these attacks. In the future, ransomware
will not merely target individual
users, but entire networks. Given that
ransomware can penetrate organisations
in multiple ways, reducing the risk
of ransomware infections requires a
portfolio-based approach, rather than
a single product. Often, victims of
ransomware choose to pay the ransom,
because they have no other means by
which to restore their systems and data.
Don’t pay the ransom.
4. Many enterprises will give priority to
cloud security. More applications and
servers are moving to the cloud to take
advantage of cost savings, scalability,
and accessibility. As a result of this,
cloud environments will be a potential
target of security breaches. Cloud is a
journey and cloud security must be a
driver, not an afterthought.
According to the Cisco 2017 Midyear
Cybersecurity Report hackers recognise
that they can infiltrate connected
systems faster by breaching cloud
systems and we expect more problems
related to cloud security arising in 2018.
When it comes to cloud, security experts
will need to decide who they can trust
and who they can’t and enterprises
will need to develop security guidelines
for private and public cloud use and
utilise a cloud decision model to apply
limitations to cloud risks.
INTELLIGENTCIO
35