My 2017 in cyber; 12 months in detection and response, and predictions for 2018.
Supply Chain Attacks
The big trend of 2017 was supply chain attacks. Your attack surface extends out beyond your firewall, and compromising your key suppliers, partners, even customers represents a trusted route straight into your organisation. We saw exponential growth in the use of these attacks. As an attacker, why wouldn’t you? This trend will continue.
Firm gets breached, cue security vendors bleating in a desperate plea for relevance. Stop it, it’s embarrassing. Feedback from my clients is that this approach does more harm than good – if you’ve got genuine insight then share it, otherwise take a step back – every breach is not about you. But on the flipside…
Often caused by an increase in vendor bleating (see above). Many vendors have powerful insight to share, but as buyers it is becoming increasingly difficult to separate the insight from the bleat, and 2017 was the year of the turtle. Buyers, try to stick your head above the trench and engage with those vendors who seem to be offering genuine insight in return for your time.
GDPR Not What Was Sold
Someone will get breached in late May 2018 and be the first to do so under GDPR. They won’t get a horrendous fine. Boards will wonder what all the fuss was about – our industry will take a reputational hit as the ‘boy that cried wolf’, which will set back our credibility by at least a year.
The bubble will burst. In the short term, perceived cryptocurrency safety is being eroded by small-scale cyber attacks – at some point an attack will spook investors who don’t really know what they’ve bought, and the whole pile will come tumbling down – if it hasn’t already done so. In the long term the infrastructure that cryptocurrencies are built on will continue to evolve to support fintech applications. Crypto liquidity and anonymity will continue to drive ransom/extortion demands higher.
No one of any consequence cares about your internet-connected toaster. However, the back-end server/control infrastructure that communicates with every toaster is fast becoming a prime target. Why hack one toaster when you can control them all? With manufacturers seeing the connected home as a land-grab race against time, one of these control infrastructures will be breached in 2018 due to security being treated as an afterthought.
Do you agree?
Kidding. Come back to me in 12 months when all/none of this has happened. Alternatively, if you’d like the technical predictions (fileless malware currently top of the list) or to talk through any of the above then contact me now for a discussion in the New Year.
This article was also published on LinkedIn