Contributed by Chris Roberts, Chief Security Architect, Acalvio Technologies
Just got asked to put the 2018 predictive hat on…BUT before I do that I want to look back at what I wrote for this year and take an objective (ish) look at how well I read the tea leaves 🙂
We will baseline with the following:
- Secure design, it is NOT too much to ask for, but it seems too much to be able to deliver. (Nothing changed here, STILL want this!)
- Honest executives who stand up and take responsibility for being breached IMMEDIATELY. (Couple have, most have still hidden behind a veil of BS)
- Those very same executives to actually take action BEYOND the first 6 months POST breach. (Yea, not happening here IS IT YAHOO/Etc.)
- When sales or marketing want a new Cloud service…they actually INVOLVE IT/InfoSec. (Seen more of the collaboration here)
- Threat intelligence that makes sense AND is usable in a timely manner. (Didn’t I build one?) (Nope, still a mess)
- People to stop using 123456, Password1 and other bloody useless codes to defend their assets. (Nope, we are still password stupid)
- Retail, financial, healthcare and other industries hit…when will someone p0wn the lawyers? (Lawyers starting to get hit w00t!!!)
- Intelligent AI…actually something that works…although possibly I don’t want this? (Hmmm, this IS starting to make its presence felt….)
- Something that actually stops me from moving away from the first computer we break into. (STILL working on this…)
- A system my grandmother can use that REMAINS secure past the date of purchase. (Nope, still not there…)
- All your toasters belong to…NOT YOU (same goes for your fridge, microwave and crockpot.) Oh yea, IoT hacks and BotIoTNets…got this one 🙂
- Not only is your PC encrypted and ransomed, so is your NEST, Samsung TV, LG Fridge, etc. Ish, ransomware on IoT and portable still not there…damn!
- We keep hearing that there are shortages in our field; we will continue to feel the negative effects. Yep, this one’s hurting AND will continue to do so…
- 123456 become 124356, integrity of your data is questioned based on the undetected attacks. The concept of data integrity IS now an issue….yea!
- All your IT is run by your business units. The cloud disseminates the IT’s ability to manage data. Yep, coming into its own as more and more of an issue…
- All our data still doesn’t make sense…data analytics and modeling still has a long way to go. Arguably we still generate more data than we can comprehend?
- Managed security services will continue to grow; all MY problems become YOURS (hopefully.) Yep, MORE and MORE getting into the VSOC world
- The ability for LE around the globe to continue to collaborate on key issues WILL grow. Ish, need others to chime in here…
- Blockchain and BitCoin: get used to those two words…they will continue to evolve and grow. Yea, I win the buzzword bingo on this one!
- The continued evolution of the attacker’s Swiss army knife of leased/purchased exploit avenues. Unfortunately yes, this one is a nasty reality…
- The evolution of non-traditional security. The Stack we have doesn’t work, time for something new. STILL have a LOT to do before we kick reactive security out…
- IF Amazon or anyone fully realizes drone delivery then watch drone-jacking become “a thing.” Dammit, still hoping this one comes true in 2018 😉
Thanks folks 🙂
2018’s list will be out soon-ish 🙂
This appeared as a LinkedIn article, and is published with Chris Roberts’s permission.
The opinions expressed within this article are the personal opinions of the author. The facts and opinions appearing in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.