List: Where will the cyber security industry go in 2016?
Cyber security has rocketed up the agenda in 2015, with the C-Suite and boards, as well as consumers realising the threat is very real, and very serious. It’s only going to rise up further up the scale in 2016.
Here, 10 cyber security industry experts tell CBR what they expect to happen in the 12 months to come.
1. Ransomware becomes a core attack
Ransomware has becoming an increasing concern in 2015, and it’s not going to be going anywhere in 2016.
Raj Samani, CTO EMEA at Intel Security, said: "The trend for cybercriminals in 2016 will in part to focus on what already works (and pays) so we can expect ransomware to be a mainstay throughout the year and beyond. This is in part will be driven by the cybercrime ecosystem that not only provides the tools to carry out crime, but also will be supplying warehouses of stolen data for sale.
Whilst all of this sounds rather ominous, the good news is that 2016 will see the continuation of shared threat intelligence, and partnerships between industry and public sector to target digital threats and those behind such campaigns"
2. The threat from IoT increases
Cars, Barbies…all sorts of things are becoming web connected via IoT, and that gives hackers far greater scope for attack, and this will escalate in 2016.
David Emm from Kaspersky Labs said: "At some point, attackers will turn their attention to using IoT technologies. This could take the form of DoS attacks, i.e. causing a product to fail (e.g. cars), the theft of personal data – directly via a device, or by hacking a provider who collects such data, or the abuse of technology to mask other activities cameras."
3. Firms forced to innovate and deploy new technologies
Greg Day, Chief Security Officer EMEA at Palo Alto, thinks that the evolving threat landscape is forcing firms to reassess how the deal with cybersecurity, but new EU regulations will also have an effect.
"In recent years we have seen considerable growth in the number of unique attacks. The outcome of this is that existing security techniques become less effective, forcing businesses to look for suitable alternatives to their older security technologies. The point to consider here is whether continuing to respond to security risk by doing the same thing or taking advantage of new technologies will deliver greater success.
"The new EU regulations add to this pressure by pushing businesses to get closer to "state of the art" capabilities when it comes to cybersecurity
4. Growth of third party providers
Stan Black, CSO at Citrix siad "Companies are investing significantly in "extending the perimeter" via 3rd parties providing commodity and advanced services. Managed Security Service Provider (MSSP) are able to specialize or greatly reduce the cost of implementing security technology traditionally found in-house. A few examples are malware, intrusion, spam filtering, white/black listing, anti-virus, etc."
Malware delivered via websites has been one of the big stories of 2015, and Raytheon|Websenses’ Carl Leonard says "there’s no reason to say it’s going to stop."
"It seems to still be very effective because the malware authors now, they can host, for a very short period of time on a very high profile website.