THE THREAT LANDSCAPE FOR 2018 CALLS FOR STRONGER CYBERSECURITY MEASURES THAN EVER BEFORE
Just when you feel as if you have your organization’s cybersecurity under control, the ball drops in New York City’s Times Square, and everything starts anew, including facing new threats. With each new year, you understand that there will be new challenges trending that will certainly land squarely in your IT department.
It seems as if the tech industry giants gunned the gas this past year, and the rest of us are just doing our best to try to keep up.
Technology is increasingly becoming the primary underlying fabric of the modern business world, and everyone needs to negotiate it and its dizzying advances on, what seems like, its terms.
In the 1994 cyberpunk novel, Neuromancer, author William Gibson defines cyberspace as “a consensual hallucination experienced daily by billions of legitimate operators, in every nation, by children being taught mathematical concepts.”
Consensual among honest individuals and businesses, of course. However, contending with persons or collectives harboring darker motivations is another facet of the hallucination. Or rather, they work outside of the hallucination, breaching the trust of all those who do.
The simple truth is that, in 2018 and not far beyond, the challenges in cybersecurity look as if they will remain a clear and present danger to businesses in all sectors.
2017’s Biggest and Most Unique Data Breaches
- California Association of Realtors.
- Deep Root Analytics.
Many industry peers might think that Yahoo! would have it all together when it comes to cybersecurity since it has been around since 1997. In reality, their data breach event goes to show everyone is vulnerable, no matter how long they have been chugging along as an Internet stalwart. While their problem makes other businesses feel better, it did nothing to make every single one of their three billion account holders feel very good at all.
The Equifax incident caused just about everyone to take notice. As one of the three largest credit agencies in the United States, the sensitive stolen data—including social security and driver’s license numbers—could ultimately affect 143 million customers, so it is no surprise that it became water cooler and train passenger conversation fodder for several weeks.
One of the California Association of Realtors’ subsidiaries, Real Estate Business Services, suffered a data breach. The organization has an online payment system that was infected with malware that passed customers’ personal information on to an unknown and malicious third party.
Last year, the Republican National Committee hired Deep Root analytics to collect information about roughly 198 million U.S. voters, which the analytics firm stored on an Amazon cloud server. Deep Root Analytics made one huge error in neglecting to use password protection for almost two weeks, exposing data like birth dates, home addresses and voter registration details.
Additional notable data breaches over the past year include River City Media, Saks Fifth Avenue, UNC Health Care, America’s JobLink and FAFSA: IRS Data Retrieval Tool.
Hopefully this list helps to reiterate what you likely know all-too-well: hackers consider no business “off limits.” Not even yours. Where there is cyberspace, there is an opportunity for cyberexploitation.
WHAT LIES ON THE VISIBLE HORIZON FOR 2018 CYBERTHREATS?
The past year has moved at a wildly rapid pace in just about every realm of technology. Sensors Tech Forum recounts the digital intrigue surrounding the 2016 presidential election and the emergence of ransomware threats with WannaCry.
With these types of events, as well as all the hacking “classics,” you have the promise of a calendar chock full of potential fire drills throughout the coming year.
- Technology professionals announced to all of us mind-bogglingly outstanding strides in artificial intelligence (AI) and the Internet of Things (IoT).
- The European Union (EU) has also developed a framework to protect Europe’s consumers’ personal data when making purchases with the General Data Protection Regulation (GDPR).
- Blockchain technology has begun to seep into our collective conscious and holds the profound possibility to alter certain aspects of the Internet as we know it, creating an incorruptible digital ledger of economic transactions and anything of value, such as information, notes Blockgeeks.
- “Sophia,” the human-like robot developed by Hanson Robotics in Hong Kong has had a busy year, notes Forbes. Her increasing presence may remind us that AI is possibly right around the next bend, which may open new cans of nearly unfathomable cybersecurity worms.
- The Internet of Things presents new challenges, according to Forrester, due to the sheer number of additional data-gathering devices, which are actually more accurately described as sensors in the form of wrist bands or smart meters, available to hackers as potential exploitation portals.
While each of the recent and emerging advances in technology are generally seen as “social goods,” you may have to deal with one or more of them on some level, in terms of cybersecurity. Each one is likely to come with its own vulnerabilities that you will need to attend to in some way and at some point.
As you can see, 2018 will be anything but dull. Some of these threats may affect you, in addition to the old classics like viruses and malware, while others may simply help open your eyes to the fact that you and your team will stay extremely busy the next few years. Much of your work will involve coming to understand any impending implications of these innovations, alongside your fellow CIOs and IT leaders across all business sectors.
HOW CAN YOU PREPARE TO FACE CYBERSECURITY THREATS IN 2018?
While some threats we mentioned above are long-range concerns, you still need to focus on immediate threats. We have developed a list of considerations and actions to update our post for all the basics for Preparing for Cybersecurity in 2016. Our new list of preparation tips will help your team discover new tools to prepare to face unique cybersecurity threats in 2018.
1. Adapt to Any Necessary and Available Skills and Organizational Tools to Meet New Cybersecurity Challenges
As cybersecurity increasingly evolves to include areas like data governance, data science and data analytics, it is important that you have the skills needed to keep up. Data governance can become a powerful tool in that it ensures that you and your team always understand the data for which you are responsible. By analyzing the data, you will have a better idea of where it is stored and its various uses.
2. Learn About the NIST Cybersecurity Framework
Tech Republic reported in May 2017 that the tech world has long suffered a problem of security fragmentation, which means that it had no standard set of rules, executable goals, or even a common language that would help to address issues like data breaches, ransomware and stolen data.
In 2013, President Obama and his cybersecurity team set out to solve this problem. They developed the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF), which is the “Framework for Improving Critical Infrastructure Cybersecurity.”
While CSF standards are completely optional and yield no penalties if you do not wish to add them to your cybersecurity regimen, they serve as a great launch point, if nothing else. The standards were designed for flexibility, scalability and gradual risk-based implementation in mind that can easily be used with a broad array of cybersecurity risk management processes.
3. Schedule a Cybersecurity Assessment
Managing a computing system, regardless of the size of a business, has never been more complicated since everyone has become so heavily reliant on the Internet and the cloud. Cybercriminals are aware of this reality, and they never stop working to find new ways to infiltrate your system to hijack your data.
Performing a cybersecurity assessment can help you take on the risk-heavy cybersecurity landscape head-on and with confidence. When you hire a professional auditing team to perform your cybersecurity assessment, using the NIST CSF model, you can take a more thorough look at your computing system. You can get all the benefits of the CSF without having to work double-time to learn and deploy it.
Let Us Know How We Can Help You Prepare for the Cybersecurity Challenges of 2018
This list, combined with our previous list, may help you get started in shoring up your computing system this coming year and beyond. The impending threats are a combination of old standbys and mysterious possibilities. Our professional auditors at I.S. Partners, LLC. can help you tackle them all to keep your system safe and sound.