If we had to describe 2017 in a word, it would be chaos.
From Equifax’s disastrous breach that affected an estimated 145.5 million people to the WannaCry ransomware attack that shut down over 300,000 machines, including medical devices and cars—it’s not a stretch to dub 2017 the year of the hack.
So what does that mean for 2018? Well, the only certainty is that hackers are still out there, hiding in the crevices of the digital void.
Cybercrime is as elusive as it is dangerous. Not only that, it’s a highly lucrative industry that pulls in approximately $445 billion. Such an imposing threat intensifies the need for better cybersecurity.
Here are eight cybersecurity trends that will determine the future of the field and the safety of our data.
1. More companies will implement multi-factor authentication.
Two-factor authentication (2FA) is more than your basic password/username combo. It includes security measures like a token or unique code that is sent to the device paired with an account.
Though 2FA serves as a better barrier to hackers, it’s certainly not perfect. There are ways to bypass it, which is why many companies are going a step further and using multi-factor authentication.
Multi-factor authentication uses biometric cues (i.e. voice, retina, fingerprint or facial recognition) as an additional security measure to ensure only designated individuals are granted access.
2. Cloud infrastructure will need better fortifications with the rise of IoT.
The cloud is a cornucopia of data, making it a profitable target for hackers. The cloud isn’t the data itself—but the platform through which the data travels.
So, if cybercriminals breach the platform, they not only have access to the data but also know its origin and destination. With the rise of the Internet of Things (IoT), the flow of data will involve everything from phones to cars to heart defibrillators and more.
With more devices comes more vulnerabilities for hackers to exploit. With IoT, the stakes are higher than ever to fortify the cloud.
3. SecDevOps will become the standard for cybersecurity models.
SecDevOps applies the same principles of DevOps that emphasize automation, collaboration and continuous feedback.
Implementing security measures can be cumbersome. With SecDevOps, however, the integration occurs at the beginning of the software lifecycle, so any bugs can be detected early on.
The reason this model is so effective is because it minimizes human error, which is the Achilles heel of cybersecurity. In fact, 90 percent of the time, the tech isn’t at fault for a breach—the people controlling the tech are to blame.
SecDevOps lets the technology do all the grunt work through automation, so the people running it can just focus on making it better.
3. GDPR compliance will demand more from IT departments.
Hackers aren’t the only thing companies need to worry about when it comes to cybersecurity.
Starting May 25th 2018, the European Union’s General Data Protection Regulation (GDPR) will make cybercrime a lot scarier by imposing fines on companies who don’t comply to their security protocols.
Many think the GDPR only has authority over European companies, but that’s not the case at all. Most companies with an online presence that market their products and/or services over the web need to comply.
The new GDPR protocols include: reporting a breach within 72 hours, erasing personal data that is no longer necessary or was obtained unlawfully and providing more rigorous consent forms to consumers.
The 72-hour breach reporting in particular will put major pressure on IT departments to remain vigilant on cyberattacks.
5. Automation and AI will become a double-edged sword.
Automation and machine learning are leading technologies in cybersecurity, making it more efficient than ever.
Cybersecurity professionals can let the tech do all the grunt work, while they can focus on the vision for its applications. Man and machine are unstoppable when they can leverage their strengths together.
By the same token, hackers can also use automation and AI for their dirty work. Worse yet, they can implement these tools faster because they aren’t hindered by the corporate bureaucracy that keeps legitimate organizations lagging behind.
6. The demand for cybersecurity professionals will surge.
Hacker organizations make an exorbitant amount of money off their attacks, which is why they attract top talent.
The demand for cybersecurity professionals is already high, as the unemployment rate for this field is at zero percent. By 2021, projections show that the demand will more than triple with an estimated 3.5 million unfilled jobs in cybersecurity.
As the need for these professionals surges, so will their salaries. If companies want the best talent, they’ll have pay a hefty price for it.
7. The healthcare industry will become a major employer for cybersecurity professionals.
Healthcare is already America’s biggest employer, partially because of the burgeoning health IT sector. What many don’t realize, however, is how desperately the healthcare industry needs cybersecurity.
Ninety percent of hospitals experienced a cybersecurity breach in the last two years, and these breaches cost the healthcare industry over $6 billion annually. With the rise of telehealth operations and digital health records, medical facilities have become a prime target for cybercriminals.
Patient health records have far fewer protections than financial information, yet these records include critical data like social security numbers, insurance information, home and work addresses, familial information and more.
Hackers can steal a patient’s insurance information and sell it, which on average costs over $22,300 per victim. Worse yet, the victim may lose their life, disability or long-term care insurance if someone ineligible for their coverage uses it.
When it comes to cybercrime, healthcare is more vulnerable than any other industry because it offers the most valuable data but has the least amount of protection.
8. More major tech giants will partner with insurance companies.
Last month tech giants Apple and Cisco announced a new partnership with Allianz, one of the biggest insurance companies in the world.
These companies found favor with the insurer because they offer products with a “superior level of security” in Apple’s own words. This new partnership enables businesses who use Apple and/or Cisco products to receive better cybersecurity insurance that includes lower or even no deductibles.
The deal marks a first in cybersecurity risk management, but it certainly won’t be the last partnership of this nature.
It’s no stretch to think that other tech companies will try to score brownie points with insurers as a way of incentivizing companies to use their products.
The Future of Cybersecurity
Cybersecurity is the ultimate arms race—an invisible warfare. Just because it doesn’t involve guns or bombs doesn’t make it any less dangerous.
Hackers are insidious criminals who can ruin millions of lives with a single click. The threat is constant, which why we need our security measures to be faster, more reliable and more effective than ever.
Only time will tell whether or not we learned from the disastrous mistakes of 2017.