GlobalSign Blog

10 Jan 2018

5 Cybersecurity Challenges and Trends: What to Expect in 2018

Cybercriminals are going to create 3.5 million new, unfilled cybersecurity jobs by 2021. Compare that with one million openings in 2016. That’s an increase of 350 percent in just five years.

And with that increase comes some serious cybersecurity revenue dedication. Everywhere, businesses are investing a remarkable amount of money into hiring security professionals, maintaining customer privacy and avoiding ransomware attacks.

In 2017 alone, all of those protection efforts cost businesses $86.4 billion.

So what can you expect in the future of cybersecurity? What do cybercriminals have in store for you in 2018?

What new threats do you need to be aware of, and how is that going to change — or how is it already changing — the cybersecurity environment?

To answer those questions, here are five cybersecurity challenges and trends that are coming in 2018.

1. Ransomware Evolution

Ransomware is the bane of cybersecurity, IT, data professionals, and executives.

Perhaps nothing is worse than a spreading virus that latches onto customer and business information that can only be removed if you meet the cybercriminal’s egregious demands. And usually, those demands land in the hundreds of thousands (if not millions) of dollars.

Ransomware attacks are one of the areas of cybercrime growing the fastest, too. The number of attacks has risen 36 percent this year (and doubled in cost).

Sadly, those attacks aren’t fading with time.

If anything, they’re getting stronger. In 2013, there were 500,000 malicious applications. In 2015, that number increased to 2.5 million. Now in 2017, it sits at 3.5 million. And 77 percent of those applications are malware.

2017 android samples distribution

(Image Source)

But the story doesn’t end there. While you’d hope that businesses would take cybersecurity more seriously with the growing number of malicious applications, a good portion of them don’t.

In fact, 20 percent of businesses still don’t have a disaster recovery solution. Which means that when a malicious attack comes — and it will — one-fifth of businesses have no method or plan for recovering data, applications, customer information, servers, or systems.

And 42 percent of the businesses that do have a disaster recovery strategy use a tape-based, outdated backup method.

In today’s world of evolving ransomware, yesterday’s DR strategies no longer work.

Data disappears and the business can’t revive it. That is, unless they pay the cybercriminals.

In 2018, DRaaS solutions are the best defense that modern technology has to offer against ransomware attacks. With it, you can automatically back up your files, immediately identify which backup is clean, and launch a fail-over with the press of a button when malicious attacks corrupt your data.

2. AI Expansion

Robots might be able to help defend against incoming cyber-attacks.

Between 2016 and 2025, businesses will spend almost $2.5 billion on artificial intelligence to prevent cyberattacks.

the future of A.I

(Image Source)

With that development comes several benefits. First of all, you don’t have to pay robots by the hour. They work for free once you have them. (Also, no healthcare or catered lunch.)

Which brings us to the next benefit. Namely, that they can work around the clock. (Sans overtime.) Robots don’t take breaks. Humans do.

Timing is everything with malware and other vicious data manipulations. If, for instance, you could fight a virus as it was downloading, you’d have a much better chance of mitigating its forceful impact. But when you fight against corrupt data after the fact — after the damage is already done — recovery becomes an uphill battle.

Traditionally, IT professionals and cybersecurity experts face these attacks once they’ve already taken place. Nicole Eagan says,

“These breaches are getting reported as historical events, long after something could have been done about it. That has got to change.”

In other words, the biggest problem with recovering from cyber-attacks is that security professionals rarely get the chance to deal with them immediately.

Since artificial intelligence doesn’t need to sleep, though, they can set defense systems against malware the moment it begins to download.

Developers understand artificial intelligence better than ever and how to manipulate its workings. For that reason, there’s no doubt that the future — and 2018 in particular — holds a bit of robot-human cooperation in defense of data everywhere.

3. IoT Threats

Most people are always plugged in.

The vast majority of humans in first-world countries have an iPhone in their pockets, a computer at work, a television at home, and a tablet in their cars.

84 percent of American households, for instance, have at least one smartphone. 80 percent have at least one desktop or laptop computer. 68 percent have at least one tablet. And 39 percent have at least one streaming device.

iot connected devices in the US household

(Image Source)

This is only the beginning, though.

The Internet of Things is making sure that every single device you own is connected. Your refrigerator can tell you when the milk runs out. Alexa can order you a pizza.

Of course, all of that connection carries with it massive benefits, which is what makes it so appealing in the first place. You no longer have to log in on multiple devices. You can easily control your TV with your phone. And you might even be able to control your at-home thermostat from other digital devices.

The problem is that all of that interconnectedness makes consumers highly susceptible to cyberattacks. In fact, one study revealed that 70 percent of IoT devices have serious security vulnerabilities.

Specifically, insecure web interfaces and data transfers, insufficient authentication methods, and a lack of consumer security knowledge leave users open to attacks.

And that truth is compounded by the fact that so many consumer devices are now interconnected. In other words, if you access one device, you’ve accessed them all. Evidently, with more convenience comes more risk.

That’s a risk that security professionals need to be prepared to face by integrating password requirements, user verification, time-out sessions, two-factor authentication, and other sophisticated security protocols.

4. Blockchain Revolution

2017 ended with a spectacular rise in the valuation and popularity of cryptocurrencies like Bitcoin and Ethereum.  These cryptocurrencies are built upon blockchains, the technical innovation at the core of the revolution, a decentralized and secure record of transactions. What does blockchain technology have to do with cybersecurity?

It's a question that security professionals have only just started asking. As 2018 progresses, you'll likely see more people with answers.

While it's difficult to predict what other developments blockchain systems will offer in regards to cybersecurity, professionals can make some educated guesses.  Companies are targeting a range of use cases which the blockchain helps enable from medical records management, to decentralized access control, to identity management.  As the application and utility of blockchain in a cybersecurity context emerges, there will be a healthy tension but also complementary integrations with traditional, proven, cybersecurity approaches.  You will undoubtedly see variations in approaches between public & private blockchains.

One thing's for sure, though. With blockchain technology, cybersecurity will likely look much different than it has in the past.

5. Serverless Apps Vulnerability

Serverless apps can invite cyber-attacks.

Customer information is particularly at risk when users access your application off-server — or locally — on their device.

Why?

Well, on-server — when the data is stored in the cloud rather than the user’s device — you have control over that information and the security that surrounds it.

In other words, you’re able to control what security precautions you take to ensure the user’s data remains private from identity thieves and other cybercriminals.

With serverless applications, however, security precautions are, by and large, the responsibility of the user.

Of course, you can integrate software into the application that gives the user the best chance of defeating cybercriminals. But when all’s said and done, you, the professional, can’t directly defend the customer.

Serverless apps are most common as web service and data processing tools.

leading uses of serverless architechture

(Image Source)

Unfortunately, with all of the vulnerability that serverless apps represent, they don’t seem to be going anywhere in the years to come.

But if you decide to use one, then take as many precautions as you can. For the sake of your customers and your business.

Conclusion

Cybercriminals are going to create jobs for security professionals over the next few years. And they’re going to do it at a remarkable rate.

Sadly, there seems to be no end to hackers who want to access your business and customer data and then use that information to their own malicious ends.

Each year brings with it savvier hackers. Which means that each year also brings new defense mechanisms as well.

In 2018, expect ransomware to evolve more than it already has, AI to take a bit of the cybersecurity burden, the IoT and serverless apps to increase consumer vulnerability, and blockchain to transform cybersecurity efforts.

So what do cybercriminals and cybersecurity have in store for you for 2018? It’s impossible to know for sure. But these five trends seem like a good place to start based on what’s already happening today.

About The Author

John Mason is an Estonian based cybersecurity analyst/journalist who holds an MSc from Northumbria University. In his free time, he likes to give (free and paid) consultations and write about privacy related concerns, news, politics and technology. His work has been published in Tripwire, Digital Guardian, Glassdoor, StaySafeOnline and many more. His website is located here: JohnCyberMason.com

Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign

Share this Post

Write for Us

Apply Now

Subscribe to our Blog