Information security breaches will continue with more power across all major business sectors and governments worldwide. Distributed denial-of-service (DDOS) attacks, ransomware and misdirection are the biggest techniques cyber criminals will use in 2017.
The security landscape is constantly evolving and will continue to evolve in 2017. Long-standing security threats will take on new dimensions. Social engineering, for example, will become an output as well as an input. At the same time, the Internet of Things (IoT) continues to open new threat vectors. The New Year will certainly bring its share of security surprises. CIO identified four security threats that deserve particular attention as we head into 2017: the hyper connectivity of the IoT, the role of cybercrime-as-a-service in powering global crime syndicates, the ongoing challenge of meeting regulatory and legal compliance standards and the rise of attacks aimed at brand reputation.NCN discussed with the IT community for predictions and thoughts as to how the information security landscape will evolve in 2017and were overwhelmed by the response, so we want add new predictions from the industry experts offering insight and thoughts in 2017.
“We expect attacks to become more complex In 2017 ”
Mr. Sunil Sharma, Vice President, Sales, Sophos, India and SAARC
We are in an interesting phase of transformation. The Government’s vision of digital India raises questions with regard to security and many of the threat trends we have seen in 2016 will continue as we head towards 2017. Towards the later of half of 2016; IT security has evolved as the most sought after discussion in the industry and there are several triggers to it. The 3.2 million banking data breach, hacking of Twitter accounts of politicians and businessmen, the Govt’s push towards demonetization and cashless economy and the most recent claim by Legion to have secured the encryption certificates of major banks where customer data is stored.
Ransomware attacks are likely to remain a big threat to enterprises and cybercriminals will continue to use ever more sophisticated and convincing targeted attacks to trick users into compromising themselves and their company. What is clear is that enterprises of all sizes will continue to be of particular interest to cybercriminals. The Sophos Labs geo malware report confirms this perspective – India being one of the most vulnerable countries to malware attacks with a threat exposure rate of 16.9%. We think cybersecurity will remain very high on the agenda for IT departments and C suites.
In 2017, we expect attacks to become more complex. Cybercriminals will bring together multiple technical and social elements and probe an organization’s network to proactively attack a specific target that is more prone and less secure. Ransomware will evolve in 2017; as vendors work to prevent ransomware, cybercriminals will look for new ways to evade detection with this highly lucrative threat. Phishing and social engineering will dominate as an attack method and there will be a shift from exploitation to targeted social attacks. The Legion break out showed the downside to encryption as threats can sneak in undetected. Cybercriminals are using encryption in creative new ways.
IT and data security will be high up on the radar of CIOs and CISOs in 2017 be it in banks, ecommerce companies, IT services providers, Education, Healthcare and above all Government. You name an industry and the C-suite in their financial forecasts would have increased the budget for digital security for 2017.
Sophos, with its unique strategy of ‘complete security, made simple’. has been able to break through the complexity of products and solutions available on the market and we have seen strong demand for our industry-leading technology in our target markets this year. We are poised to address the $1.2bn IT security market which Gartner expects to grow by 10.6% and we continue to grow faster than the rest of the market, and think that opportunity will be created from the blurring personal-professional divide, the recent push by the government towards a cashless economy and rising usage of digital platforms and electronic transactions. It’s time for organizations to implement synchronized security solutions to prevent, detect and remediate threats.
“Hackers will Continue to Exploit the Weakest Link”
Mr. Amit Nath, Country Manager- India & SAARC, FSecure
2016 has been a roller coaster ride in the cyber security space. With cyber breach news on Debit Cards, Yahoo Hack, IRCTC Hack and the very recent hack of Social Media account of known personalities, the security of personal data is questionable. Social media accounts have been hacked for a variety of reasons, most common of them all happens to be for fun. However, major part of hacking is not technical skills or computers, but the skill of tricking human beings. These hackers mostly prey on the altruistic impulses, greed and gullibility of people.
Post demonetization, while the use of online payment platforms have gone up, along with it has grown the fraudulent misuse of payment networks and data theft. In the given scenario, the foremost of all threats is identity. Considering the recent breach incidences with 3.2 million Debit Cards compromised, it is important to know every customer, partners, their customers and most importantly your own employees. Therefore, unless one understands and owns the game of identity, companies will continue facing growth constrains caused because of frauds and attacks, resulting in lack of confidence. Furthermore, the security provisions and applications still remain the same. While people are getting comfortable with mobile wallets and banking through apps and smartphones, Wi-Fi networks continue to have major security flaws that can make it very dangerous to conduct transactions using mobile device. Though there are several rules on do’s and don’ts of using a Wi-Fi, one should always keep in mind not to use public Wi-Fi to access financial info.
On the other hand organizations are also required to adopt and setup multiple defence mechanism. One should also keep operating system and browser up-to-date with the latest protective patches installed only from trusted websites. Most operating systems regularly release updates that fix security vulnerabilities, and not updating them may leave security holes and glitches that can be exploited in a hacking attempt.
As far as expectations is concerned, Hackers will Continue to Exploit the Weakest Link. Until organizations persistently protect information at the data level , these attacks won’t slow down. And, as companies increasingly utilize third party service providers to reduce costs, more and more information will be at risk. In 2017, we can also expect to see organizations placing stricter compliance regulations on their third-party outsource vendors and other external collaboration partners. Cybersecurity and Cloud migration continues to be a major emphasis, with CIOs renting more software through the internet and investing in more proactive approaches for defending their corporate castles. In 2016 we saw organisations across many industries recognising the potential of cyber-security to enable their move to become digital businesses. We will see this trend continuing in 2017. So security needs to be pushed beyond the physical perimeter into a cloud environment.
“ IoT, smarter malware and ransom-based attacks to be at forefront of hacking activities in 2017 ”
Mr. Derek Manky, Global Security Strategist, Fortinet
In recent weeks, IoT (Internet-of-Things) devices were hijacked to shut down a huge section of the Internet. Stolen documents were used in an attempt to influence the US presidential election. Ransomware began to reach epidemic proportions, including high value targeted ransom cases. These and similar attacks have had sweeping impacts beyond their victims.
Watching cyber threats evolve over the past year, a few trends have become apparent. The digital footprint of both businesses and individuals has expanded dramatically, increasing the potential attack surface. Everything is a target and anything can be a weapon. Threats are becoming intelligent, can operate autonomously, and are increasingly difficult to detect. We are seeing two threat trends: automated attacks against groups of smaller targets and customized attacks against larger targets. These two trends are increasingly being blended together, with automated attacks being used as a first phase, and targeted attacks as a second.
Based on these trends, FortiGuard Labs is making six predictions about the evolution of the cyberthreat landscape for 2017. We are in the middle of a perfect storm around IoT: a projected growth to over 20 billion connected devices by 2020, a huge M2M (machine-to-machine) attack surface, built using highly vulnerable code, and distributed by vendors with literally no security strategy. And of course, most of these devices are headless, which means we can’t add a security client or even effectively update their software or firmware.
Right now, attackers are having a lot of success simply exploiting known credentials, such as default usernames and passwords or hardcoded backdoors. Beyond these, there is still much low-hanging fruit to exploit in IoT devices, including coding errors, back doors, and other vulnerabilities resulting from the junk code often being used to enable IoT connectivity and communications. Given their potential for both mayhem and profit, we predict that attacks targeting IoT devices will become more sophisticated, and be designed to exploit the weaknesses in the IoT communications and data gathering chain.
One likely development is the rise of shadownets – or IoT botnets that can’t be seen or measured using conventional tools. Shadownet attacks will initially take the form of targeted DDoS attacks combined with demands for ransom. Collecting data, targeting attacks, and obfuscating other attacks are likely to follow.
The security issues around IoT devices are becoming too big for governments to ignore. We predict that unless IoT manufacturers take urgent action, they will not only suffer economic loss, but will be targeted with legislation designed to hold them accountable for security breaches related to their products.
The current shortage of skilled cybersecurity professionals means that many firms looking to participate in the digital economy will do so at great risk. They simply do not have the experience needed to develop a security policy, protect critical assets that move across network environments, or identify and respond to today’s sophisticated cyber attacks. For many, their first response will be to buy traditional security tools, such as a firewall or IPS device. But managing these devices requires specialized resources, and increasingly, such tools cannot effectively secure highly dynamic and widely distributed networks in use today. We predict that savvy organizations will instead turn to security consulting services that can guide them through the labyrinth of security, or to managed security services providers who can provide a turnkey solution. They may also move the bulk of their infrastructure to the cloud where they can simply add security services with a few clicks of a mouse.
“Cyber espionage in the private sector will be common”
Mr. Nilesh Jain, Country Manager- (India and SAARC), Trend Micro
Attackers will become more sophisticated, persistent and aggressive. They will profile their victims and carry out pre-testing before launching attacks. They will also be using artificial intelligence within server environments to figure out the best mode of attack. Custom designed Malware will evolve and become more adaptive using success-based learning. Cross platform malware or transformers designed to operate on and between multiple devices will be dominant. IoT attacks and breaches will increase. DDOS attacks with demands for Ransom will increase manifold. Mobile based attacks will continue to reign supreme. Enterprise breaches will originate on mobile devices. The simplicity of business email compromise attacks will drive an increase in the volume of targeted scams in 2017. Business process compromise will gain traction among cyber criminals looking to target the financial sector. Cyber propaganda will become a norm. General data protection regulation implementation and compliance will raise administrative costs across organizations. Threats actors will come up with new targeted attack tactics that circumvent current anti evasion solutions. Drone jacking will become more prevalent. Machine learning will make social engineering attacks more sophisticated. Cyber espionage in the private sector will be common. Curation of information will become a key focus for all organizations of all kinds. Board room will start looking at IT security as a dangerous business risk
“ Now, security professionals are charged with securing the constantly expanding corporate attack surface”
Mr.Manoj Taskar, Country Manager (India & SAARC) at Tenable
Security professionals across the world will continue to face radical shifts in the enterprise attack surface as we move into 2017. Complicated by the constantly evolving and expanding threat landscape, heightened technological complexity is creating even more opportunity for attackers to exploit gaps in security coverage, leaving all organizations vulnerable to compromise and breach.
With the accelerated adoption of mobile, cloud, internet of things, BYOD and containers, the modern enterprise no longer has a well-defined network perimeter that can be secured and defended. Now, security professionals are charged with securing the constantly expanding corporate attack surface. In this new security landscape, it will be imperative that organizations not only understand the threats aligned against them, but that they possess a realistic assessment of their own cybersecurity strengths and weaknesses.
According to the Tenable Network Security 2017 Global Cybersecurity Assurance Report Card, which solicited insights from 700 security professionals in nine countries and across seven industry verticals, global cybersecurity confidence has fallen by six points over 2016 to earn an overall score of 70 percent (C-). Security professionals also felt less confident in their ability to assess risk across key IT components, falling 12 points this year to 61 percent (D-).
A notable concern includes failing grades in Risk Assessment scores for containerization platforms (52 percent), DevOps environments (57 percent) and mobile devices (57 percent). In 2017, it will be critical for security professionals to embrace these technology trends and develop a security program that effectively and efficiently identifies and mitigates threats and vulnerabilities within them.
“ The year 2017 may not be much different in terms of the rise of cyber threats”
Mr. Rajat Mohanty, Co-Founder and CEO of Paladion Networks
Globally, the sheer number of security breaches in 2016 was alarming. There were several large profile frauds and breaches to banking and social media companies as well as numerous ransomware attacks on businesses. India too had its share of high profile breaches including compromise of millions of card data. The year 2017 may not be much different in terms of the rise of cyber threats. Some of the predictions for the New Year are the Ransomware has proved to be quite profitable venture for cyber criminals. These are low value incidents but the attacks can happen over larger spread of companies. Its much easier to perpetrate the attack and get money without any need for complicated underground network for carrying out complex fraud schemes. While 2016 saw record number of cases, this attack form is yet to peak. It will see more variations and more intensity in 2017 before slowing down by end of the year as organizations improve their recovery systems. With the demonetization initiatives in play and large number of cashless payment systems coming up, there will be lot of social engineering attacks in the year. Currently people have low level of awareness on the various forms of cashless systems and cyber criminals will exploit that through phishing, rogue apps, email frauds, identity thefts and confidence tricks. With large scale adoption of digital technologies across industries, the attacks will move to SME sector where the defences are lower and hence easier to breach. Stealing personal data, card data and conducting fraudulent transaction through account takeover would be the common attack vector. For past two years, industry has talked about newer threats coming from cloud and IOT adoption. Year 2016 has a large scale DDoS attack using insecure IOT devices through Mirai worm. The year 2017 will see more new attack forms based on IOT. The intersection of AI and voice enabled systems is another interesting area to watch for attacks. With rise of intelligent voice enabled computing powered by apps like Cortana, Google now, Siri presents interesting scenario for attacks.
On the cyber defense side, the trend will continue towards increasing the speed of detection and response. Industry has significantly improved the average days it takes to detect breaches from over 220 days to around 150 days. With use of big data analytics and more pervasive monitoring, this will further reduce in coming year. The overall scenario is expected to improve significantly and organisations will be able to identify anomalies and advanced attack vectors, which will pave the way for comprehensive cyber security. Since, security threats are also expected to become more sophisticated, it will become imperative to implement machine learning techniques, AI (Artificial Intelligence), as well as predictive analysis in information security. Similarly, organizations will use more automated response mechanisms to quickly contain and eradicate attacks. 2017 is likely to see a rise of centralized response platform in Security Operation Centers.
“The cyber security industry will go through similar change in 2017 and beyond”.
Mr. Vikas Kapoor, Practice Head – Cyber Security at In2IT Technologies
In 2017, many organizations will conduct a Comprehensive Security Program Assessment to take a relook at their entire cyber security across people, processes, and products. As an outcome of the assessment, following will be factored in the roadmap of cyber security.
In 2017, organizations will see many security products- Bug Bounty Platforms, Crowd Security Intelligence Platform, Cyber Ranges, Hunt Operations Platform, Website Defacement Monitors, Incident Response Platform, Breach Detection Platform, Social Media Security Platform and Cognitive Security Platform, being actively getting into the system.
Once you add the full landscape of security products that your organization has or might procure –the search for right security talent becomes very difficult. The co-sourcing models in cyber security are changing with partners open to ideas of ‘variable security resources’. Organizations which will make use of co-sourcing effectively in 2017 will have an edge over their peer organizations.
Policies, processes, and procedures
Over the years, the IT service delivery and management industry has matured with most of the processes automated by either custom development or by adoption of ITSM tools. Similarly, the earlier governance, risk, and compliance industry got streamlined with advent of operational risk tools such as Archer. The cyber security industry will go through similar change in 2017 and beyond.
“Are You Ready for the Fourth Industrial Revolution in 2017?”
Mr. Parag Arora, Area Vice President & Country Head – India Subcontinent, Citrix
2016 has been a year which is likely to be marked in history as the year that witnessed the onset of the Fourth Industrial Revolution -an era where the physical and digital worlds will converge to transform the way we live and do business. And while we have heard a lot of buzz around it this year, 2017 will be the year when it kicks in full force.
It was also the year when we at Citrix redefined our vision and strategyto enable our mission to power a world where people, organizations and things are securely connected and accessible. This, based on mobile, cloud, big data analytics and Internet of Things (IoT) – four forces, the adoption and convergence of which will fuel the Fourth Industrial Revolution.
The flipside of the dawn of the new era, from an organisation’s perspective, is the technological complexity, heterogeneity and information overload that comes with convergence. Given this, we believe the following factors will determine how the business landscape takes shape in the coming years, beginning with 2017.
Artificial Intelligence has grown by leaps and bounds in the last few years, however the human element still plays a crucial role in the larger scheme of things, and this is where Hybrid Intelligence will play a crucial role. Hybrid Intelligence enables computers and humans to work together which significantly improves the productivity as compared to when the two function in isolation. What Hybrid Intelligence will essentially do is help us make more sense of all the information we gather and make meaningful connections, which is the essence of creativity and productivity.
Workspace as a Service (WaaS)
The concept of work is poised to undergo a fundamental shift, in fact the process has already begun. We envision that the future workplace would be a cloud-delivered conduit to individual productivity, and its success will be measured by its ability to provide an integrated, flexible and secure experience across the board, irrespective of the origin of the data. So, while organisations could gear their systems and infrastructure to cater to this scenario, a consistent yet bespoke solution would determine the success of how well organisations adopt it.
Adaptive Security Architecture
The ever evolving application architecture, mobile and other emerging platforms as well as the all-pervasive Internet of Things while making matters convenient, have also made networks more porous and prone to security threats. However those being digital imperatives, the onus will be on the CISO’s office to design an agile security system that responds to the environment in real-time without violating users’ privacy or compromising the networks’ functionality.
It is a given that the Fourth Industrial Revolution will be marked by an unprecedented deluge of data that will have an impact on most, if not all, aspects of our life as well as the business landscape. It is also a given that that technology will be at the very core of it all. However, how well we understand it and bring it all together will be the keys to survival and success in the years to come.
“We see IoT getting early roll out in surveillance projects”
Mr.Sajan Paul, Director of Systems Engineering & CTO at Juniper Networks in India and SAARC
According to a new IDC report, the networking market in India grew at 10.5% during the Q2 of 2016 as compared to last year. Banks upgrading its networks and spends increasing from automobile, education and professional services organizations were the key reasons behind the growth of switching market in this quarter, as per the report.
Businesses Will Look for Greater Value When It Comes to Network Virtualization. With the success of early NFV deployments and the continuing challenges for operators to deliver even more services with flawless performance, end customers will require new levels of flexibility. As such, there will be a push towards bring your own license (BYOL) and pay as you go models tailored to supporting cloud-based infrastructures for different application needs.
The Internet of Things (IoT) is a unique domain that offers tremendous business opportunities for telecom players in the years to come. Studies show by 2020, over 25 billion connected devices will be live globally, with opportunities in abundance for data mining and data analytics. The total revenue generated from IoT industry would be USD 300 billion and India would have a share of 5-6% of the global IoT industry.
We see IoT getting early roll out in surveillance projects, vehicle tracking, connected cars, and home automation. We see consumer domain having the maximum uptake. In fact, out of 6B+ devices, close to 4B is in the consumer domain and the rest in business solutions.
IoT under Pressure. Today, IoT is letting us down, underperforming and under delivering. In fact, in some ways its making life more complex and less secure as it’s quickly becoming the gateway to cyber-attacks. Although consumer adoption of IoT is still in its early stages, there are very few turnkey orchestration tools to successfully manage IoT security. For IoT to survive and live up to what it promises, it’s vital that technology companies master security and unlock the possibilities of integration. The real “winners” are going to be companies who can code their own solutions to ensure their products are secure.
“ All security organizations need to be working together and sharing open threat intelligence”
Mr.Rakesh Kumar Singh, Tech lead – Data Center at Juniper Networks
We will see an increase in the Collaborative Security Industry. The security industry is slowly working towards collaboration between adversaries, but at the end of the day, collaboration remains nascent. Beyond sharing basic data, we still lack the interoperability necessary to address the next generation of threats. This has led to an increase in cybersecurity startups finding favor among funders – venture capital investments in cybersecurity startups went from less than $1 billion in 2010 to $2.5 billion in 2014 (source). A recent study from SANS Institute found that 71% of respondents said access to shared threat intelligence gave them improved visibility into threats, while only 40% are actively contributing to threat intelligence. This disconnect indicates that all security organizations need to be working together and sharing open threat intelligence, which is crucial for the industry to remain one step ahead of attackers.
Automation Will Help Organizations Address the Shortage of Security Personnel. Often organizations invest heavily in effective security hardware and software, but lack the security specialists necessary to ensure their effectiveness. As an example, breaches like the ones that impacted Target and Home Depot were detected by their high-end security systems, but the security operations practitioners were too overwhelmed by the thousands of alerts they received per hour to see which ones posed the most imminent threat. As automation becomes more integrated into security solutions, security personnel will receive fewer notifications with more relevance, relieving them of the manual task of hunting through a sea of alerts to find the truly malicious ones.
Overall, it becomes imperative to take a holistic, fresh look at your organization by taking the first step of conducting a Comprehensive Security Program Assessment to create a roadmap for next two to three years. While hackers have traditionally targeted enterprises with large amounts of data and deep pockets, we will start to see attackers focusing more on smaller businesses who are potentially easier targets. While these SMBs may not have as much for attackers to gain, they are viewed as softer, easier marks good for making quick money, which can be devastating and possibly bankrupting to small organizations. As large enterprises ramp up their security, expect to see SMBs more frequently targeted by hackers.