Wednesday, December 7, 2016

Continuing predictions of 2017 for cybersecurity

from KnowBe4
1) ARTIFICIAL INTELLIGENCE
Everyone and their brother will claim that they have machine learning and/or AI as an offering and/or built into their product/platform, yours truly included. It's going to be marketing buzzword hell, because at the moment AI is not nearly as smart as people would like it to be, so buyer beware.
However...
Machine Learning and AI *will* move forward with lightning speed. Some of them will pass the Turing test. You will be able to talk to support bots and not know if it is a human or not. You will also see fully programmable digital avatars going into commercial use.
2) BLOCKCHAIN
Micropayments and Blockchain applications will go mainstream in 2017. Mobile payments will grow massively, and apps will use "micro-payments" built on digital protocols like the Blockchain. Perhaps Blockchain will allow us to vote from our own devices in the next election. We will see the first smart contracts built on Blockchain.
Ransomware-as-a-Service will become a major threat vector, with a new technical feature using Blockchain to deliver the decryption keys after ransom payment.
3) BOARD ROOM
During 2016, boards of directors have realized that InfoSec risk management is an enterprise risk equivalent to financial, reputational, and legal risk. In 2017, there will be a raft of boards demanding a corporate security culture starting from the C-level down.
4) CEO FRAUD aka BUSINESS EMAIL COMPROMISE
CEO fraud was the up-and-coming cyberfraud scheme right after ransomware these last 12 months. During 2017 it will be an epidemic, equaling the ransomware plague we are suffering now. Remember the Nigerian prince scams? These cyber gangs are really in Nigeria, but they have climbed up in the criminal food chain and CEO fraud is their focus now. Train your high-risk users within an inch of their lives.
5) ESPIONAGE
During 2017 it will become apparent that espionage will turn out to have gone massively mobile and nobody knew about it. Revelations about both Android and iPhone devices will show they have had 0-days for several years and the NSA was able to own any device they wanted at any time.
6) INTERNET OF THINGS
A major outage caused by a purely malicious Botnet of Things like Mirai will prompt the new U.S. Administration to enforce IoT device security standards and require certification from device vendors.
7) MOBILE MALWARE
Mobile malware will continue to grow at an exponential rate. During 2017 tens of millions of smartphones will be infected with auto-rooting malware. New strains can embed themselves in a phone's bootloader and remain persistent even after factory reset. Scary.
8) OPEN SOURCE
In 2017 we will see a very high-profile data breach based on an open source vulnerability that was disclosed in... wait for it... 2012. The average age of an open source vulnerability in commercial applications is more than five years, and almost everyone is using Open Source these days. Ouch.
9) RANSOMWARE
We have seen exponential ransomware infections in 2016, and this trend will continue in 2017. There are close to 250 different families at this point; this will triple in the next 12 months.
Locky will be the first strain with 1 billion dollars in criminal revenues. Organized Eastern European cybercrime will continue to specifically target health care, education and local government with updated ransomware strains.
10) STATE SPONSORED HACKING
Look, we have a low-grade cyberwar and a massive cyber arms race going on. It's simmering, and now and then it flares up, basically with proof-of-concept attacks, except for Stuxnet, which was the real deal. In 2017 we may very well see the first major real-world damage caused by state-sponsored hacking.