Last 2015, we saw how much consumer confidence was rocked by the number of mega breaches that exposed the identities of millions of people. The ability for some organizations to recover from a data breach was paralyzing as we saw in the Ashley Maddison data breach.
Symantec’s security intelligence team has put together the top security predictions for the year ahead and beyond.
The Need for Improved Security on IoT Devices Will Become More Pressing
As consumers buy more smart watches, activity trackers, holographic headsets, and other Internet of Things (IoT) devices, the need for improved security on these devices will become more pressing.
According to a Gartner report titled Agenda Overview for the Internet of Things, by 2020 close to 30 billion connected things will be in use across a wide range of industries and the IoT will touch every role across the enterprise. There’s no doubt the market for Internet of Things–ready devices is growing but it is still very fragmented, with a rich diversity in low-cost hardware platforms and operating systems. As market leaders emerge and certain ecosystems grow, the attacks against these devices will undoubtedly escalate, as we’ve already seen happen with the attacks on the Android platform. The good news is that OS makers, in particularly Apple, are making good strides in enforcing security in the eco-systems they support, such as HomeKit.
Opportunities For Cybercriminals To Compromise Apple Devices Will Grow
Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 percent of global smartphone shipments and 7.5 percent of global PC shipments. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing specific malware designed to infect devices running Mac OS X or iOS.
The Battle Between Ransomware Gangs and Malware Distribution Networks Will Heat-Up
From early beginnings in Russian speaking counties, ransomware has evolved and spread into Western Europe, the United States, Canada, Australia, Europe and Asia. It is likely that some of the gangs responsible for the original ransomware are part of this expansion, but other established criminal gangs are also becoming involved. Clearly, the fraud is profitable for criminals and is likely to increase.
Cyber Attacks and Data Breaches Will Drive the Need for Cyber Insurance
When we look at the rapid adoption of cyber insurance, there are two key factors that attribute to this growth: new regulations which obligate companies to respond to information breaches; and the increase of cyber criminals using stolen information for payment fraud, identity theft, and other crimes.
Risk of Serious Attacks to Critical Infrastructure Will Increase
We have already seen attacks on infrastructure and in 2016 we can expect this to continue to increase. Motivations for critical infrastructure attacks are both political and criminal, with nations and political organizations operating cyber-warfare campaigns, and criminals attacking for profit or ransom. The industrial IoT is becoming more connected due to requirements and demand for reporting and improved functionality through connectivity with additional services. These changes introduce bigger attack surfaces into the more traditionally hard to secure environments.
The Need for Encryption Escalates
Encrypt everywhere is quickly becoming the mantra of the technology industry. With so much communication and interaction between people and systems happening over insecure and vulnerable networks like the Internet, strong encryption for this data in transit has been well recognized for some time and it is generally implemented.
The Tipping Point for Biometric Security Is Approaching
The last two years have seen a significant rise in the use of biometrics. This is expected to grow significantly with major industry players implementing new capabilities both with new sensors in devices and with adoption of biometric authentication frameworks like FIDO and TouchID. This facilitates secure on device storage of biometric information (like fingerprints) as well as interoperability between apps and systems.
Security Gamification and Simulation Will Tackle the Security Awareness Challenge
Internet security relies on the human element as much as it does on technology. If people were more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding scams as it is of government employees avoiding the social engineering in targeted attacks.