Six Cyber Predictions For 2017

Cybersecurity has moved beyond patching, to focus on big picture problems such securing cloud services, the disappearing perimeter and the managing the flood of mobile devices.  

McAfee Labs 2017 Threats Predictions report gives government IT managers a heads up on what to expect next year:

1. Ransomware subsides in the second half of 2017

The scourge of hospitals, government agencies, transit organisations and others, ransomware may be leveling off, with the widespread media attention expected to spur solutions. Special interest organisations have done a good job of raising awareness, and companies have taken up the call to find answers.

2. “Drone-jacking” places threats in the sky

Consumer drones sold with open ports and weak authentication create opportunities for attackers to take control of unmanned systems.

Although vulnerabilities can often be fixed with a software update, “this requires the manufacturer to release a patch,” the report said.

Expensive, high-end drones will get patched quickly, but hobbyist drones may fly a long time before a patch is even available. That means exploit kits for unsecured drones will become available, and drone-jacking via laptops with directional antennas may emerge.

Unsecured drones open up risks for package delivery, aerial photography and law enforcement surveillance. Besides the danger to the devices themselves, look for drones that land on buildings and attempt to hack into the wireless networks inside.

3. Takedown operations put a dent in cyber-crime

Increased cooperation among law enforcement, industry and security vendors will help shut down criminal operations. The report warns, however, that cyber-criminals will begin to challenge the relationship between private vendors and law enforcement agencies, so all parties should prepare for legal ramifications of cooperation.

4. Threat intelligence sharing improves

New automated tools will make sharing information easier, and crowd-sourced threat intelligence and collaborative analytics help security analysts “connect the dots.” Legislation like the Cybersecurity Information Sharing Act will help overcome barriers to sharing by extending liability protection to the sharing entities.  

5. Cyber-espionage increases in complexity

Former state-sponsored teams will become information brokers in cyber-espionage in 2017, providing “access” for money. “Everyone has information that is worth something, but it takes a creative mind to profit from it,” McAfee says. Additionally, advanced attackers are accessing networks by attacking firewalls, giving them “a great way to fly below the security radar.”

6. Cyber and physical systems merge

The separation between the physical and digital world could begin its erosion in 2017, making the security of one dependent on the security of the other. McAfee predicts that the physical and cybersecurity industries will begin hardening security products and that cybersecurity solution providers will begin to service and support physical security.

GCN:                What Are The Big Cyber Threats In 2017?:

 

 

« Self - Flying Aircraft Take To British Skies
British Police - Stay Safe From Cyber Crime This Christmas »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

InnoValor

InnoValor

InnoValor realises value from digital innovation for organisations and government. We provide advisory services and develop innovative software solutions, based on our background in research.

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

BlueAlly

BlueAlly

BlueAlly helps clients scale, optimize, and manage their IT resources to reach their business goals.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

ThreatER

ThreatER

ThreateER (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.