2018 Cybersecurity Predictions

JAN 22, 2018

Do you ever wonder how security professionals come up with predictions for the coming year? Many of us do massive amounts of research. Others go with a gut feel on where they think the trends are taking us. Rumor has it that some have functional scrying devices. What will 2018 bring us in the way of Cybersecurity? Let’s look at our five key predictions.

1. Web Isolation

Browser/threat Isolation, also known as web isolation, is set to take the world wide web by storm. Web Isolation prevents malware, identity theft, and data loss. The way it prevents malware is by having a layer that sits between the website and the user. This layer often leverages container technology to detonate malware securely and safely by never allowing the malicious content to reach the end users device.

2. Internet of Things

IoT has appeared on several predictions lists for the last several years. The reason being the exponential growth of devices and the ever-changing threat landscape. 2018 will see a more security focused response from manufacturers, and more options to secure existing devices. One thing that can be learned from 2017 was the inherited risk that many IoT devices suffer from. Botnets that were once whispered about in cybersecurity corridors are now mainstream news and discussed openly by the public. 2018 will focus on two main aspects of IoT; detection and prevention of malicious activity.

3. Artificial Intelligence in Endpoints and Behavior

Artificial Intelligence (AI) has been on the list before, but as Luke Skywalker would say “This is not going to go the way you think.” AI has found its place in several aspects of security, but most important is where it’s going next year. Securing our endpoints and analyzing behavior of people, entities, and processes is where AI is really going to shine. Imagine endpoint protection that can detect deviations in typical person or process behavior. Gone will be the days of notepad launching and blasting the internet with malicious content.

4. Security Automation and Orchestration

Security Automation and Orchestration will really begin to pick up steam in 2018. Enterprises are looking for better ways to automate security tasks and run workflows to orchestrate security activity and integrate disparate security applications and processes together. I am sure you are aware of the security professional shortfall the industry is currently facing and will be facing in 2018 and beyond. Security Automation and Orchestration enables security professionals to do more with less people by coordinating security tasks across the enterprise.

5. Data Security via GDPR

The General Data Protection Regulation is coming. Basically, the European Union is requiring businesses to protect personal data and privacy of its citizens. Non-compliance will cost companies up to 4% of gross revenue or 20 million Euro, whichever is higher. GDPR compliance protects identity information, geographical information, and health records. On average, companies are spending between one and ten million dollars to meet the compliance mandate. This one is an easy prediction to make. If you are doing business in or with the European Union, you will be compliant by May 25th, 2018.

Five predictions for 2018, some obvious and others perhaps not. What is important coming in 2018 from a security perspective is reality. Are we (you) doing what is necessary to protect devices, users, infrastructure – the business? What lies ahead is certainly not 100% guaranteed. But I do guarantee security will be a serious topic of concern and consequence this next year for businesses of all types and sizes. Will you be ready?

Brad Bussie
Brad Bussie

Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.

Leave a Reply

Your email address will not be published. Required fields are marked *