2017 Cybersecurity Predictions

2016 was another volatile year for information security. However, after 22 years of watching the same problems recur, 2016 changed things up. Business leaders are finally accepting that information security is not an appliance or compliance, but rather an everyday business practice.
With that in mind, let’s look at the cybersecurity trends taking shape in 2017.
Death of the VAR
[监事会]宝德股份:第三届监事会第十次会议决议公告
The era of the pushy cybersecurity value added reseller (VAR) is over. Decades of CIOs buying “the next shiny object” have done almost nothing to stop the deluge of malware and attacks. CIO/CISOs are fed up with products and VARs. They want intelligence not appliances.
Rise of the MSSP
With the death of the VAR, rising in its place is the managed security service provider. The lack of cybersecurity talent, and the need to operationalize compliance and security is driving companies to outsource security.
All Cloud All the Time
Everything is going there and for good reasons. The cloud is cheaper, more reliable, and gasp more secure. MSSPs are going to the cloud as well.
Automation Nation
Attacks are too complex and sophisticated for a person or even a team of people to handle in a timely manner. Automaton of security response and investigation is the only way to react in a consistent and rapid manner. This puts automation players like Phantom, SwimLane, and Hexadite in the spotlight. 2017 will see rapid growth of this market and probably some acquisitions as well.
数据泄漏之后,组织最重要的任务是和犯罪集团抢时间挽救损失,而不是狡辩和隐瞒。
Internet of Things (IoT) Cools
After years of cybersecurity screeching over IoT vulnerabilities, we see this issue cooling in 2017. Vendors are patching the holes and networks are closing botnets.
CyberwarHeats Up
For the past ten years, the cyberwar between various state actors has remained mostly a cold war. Plenty of rhetoric, minimal damage. Stuxnet in 2010 turned up the heat, but did not ignite a war. However, the 2016 US election hack was a lot bigger and bolder. Regardless of the source of the attack, there is no denying had a big impact on the US election. We expect to see increased state-sponsored attacks in 2017.

On-Line Ransomware Shopping Malls
Ransomware is already the revenge tool of choice among disgruntled IT workers. This is driving a proliferation of point-and-click style malware providers. Malware makers are discovering they can make more money selling their malware, than hacking anything.
UBA PDQ or GTFO
We already have a solid set of User-Behavior Analytics (UBA) products in the market: Exabeam, CyberReason, FortScale, and so forth. SIEM makers like IBM, Splunk, and LogRhythm are rapidly adding this capability to their products as well. UBA is the next logical evolution of SIEM, providing deep, contextual information about internal user actions.
Millennial Security
In 2017, the Millennial generation will officially overtake the workforce, and likewise overtake over your security program. It is time to stop calling this generation names, and start working with them to build great security. If you have not realigned your security program to engage Millennials, now is the time. If you refuse to align your program to this generation, you will continue to struggle with engagement and support.
Conclusion
2016 was an interesting year, in many ways. People are revolting against the status quo. Change is coming. Some of these changes are needed, badly. Some, may blow up in our faces. Here’s to a prosperous and secure 2017.
通过白色恐怖来恫吓员工,企图让员工遵守信息安全规定的做法并不是很好的信息安全管理方法。

猜您喜欢

1、APT28发送邮件给目标人员并诱骗他们去伪造的钓鱼网站修改… https://www.easyaq.com/newsdetail/id/888458967.shtml
移动应用威胁报告称社交网络应用最危险
网络安全微视频——密码安全意识
范冰冰发年终奖超阔气!新款手机外加欧洲旅游
SCANDLINES THEPOWEROFTHEPURSE
网络安全宣传月公益教育动画之保障工作场所安全