Story image

Six things the security industry can expect from 2018

02 Nov 2017

As the end of the calendar year wraps up, the security industry is preparing for what 2018 may bring. According to Mark Lukie, senior sales engineer at Barracuda Networks, ransomware, hybrid cloud, channel opportunities, software-defined WAN and web breaches will continue to shape security.

Here are his predictions:

1)    Ransomware attacks will continue to rise in 2018

Ransomware attacks will become more widespread and targeted in 2018, as the tools cyber criminals leverage to take advantage of and develop intellectual property on to rent ransomware-as-a-service becomes more accessible.

We’ll also see more ransomware attacks in 2018 using SQL injections to lock websites, rather than only blocking access to files. This will impose a higher ransom price, as well as making it much harder for companies not in control of their own websites.

The good news is that appears IT organisations are getting more adept at responding to ransomware attacks, but they shouldn’t become complacent. While there's not one silver bullet approach for all businesses, they must continue protecting all entry points, whether it's email, web, end user devices or remote access, as well as focusing on their backup and disaster recovery strategies.

Artificial intelligence (AI) and machine learning are increasing being used to enable more effective and rapid detection of ransomware attacks and spear phishing.

2)        Office 365 use will continue to rise … as well as the threats

While moving email services to Office 365 is a fantastic way to provide anywhere access for employees and reduce costs, trusting your most important data to the cloud raises new concerns about security, compliance and data protection.

With more than 100 million monthly active subscribers and rising, the rapid adoption of Office 365 has made it a breeding ground for highly personalised, compelling attacks by cyber criminals. Office 365 Account Compromise attacks are on the rise, with attackers focused on attempting to steal login credentials and ultimately gain access to launch attacks from within an organisation.

A recent Barracuda survey indicated that over 85 percent of active Office 365 users said they’re concerned about advanced threats (such as spear phishing, impersonation and ransomware attacks), while over 45 percent of respondents have already been a target of these types of attacks.

To avoid becoming a target, organisations need to augment the security, compliance and backup features of Office 365 with critical multi-layer security, archiving and backup. This will allow them to prepare, migrate and operate faster, safer and more efficiently in Office 365.

3)    Website breaches will continue to be front page news

Website breaches will continue to dominate headlines in 2018 – no company wants to be the next Equifax. With new legislation (Mandatory Data Breach Notification) coming into Australia, companies will be forced to focus more on security around their web applications and require better visibility and reporting wherever their applications reside. 

4)    Hybrid cloud adoption to remain strong in 2018

As Australian and New Zealand organisations strive for greater flexibility in how they deliver infrastructure and data centre solutions, we will continue to see an increase in hybrid cloud adoption in 2018. Hybrid infrastructure such as Azure Stack will become more prominent.

Despite public cloud adoption increasing in Australia and New Zealand, many companies (particularly government and financial institutions) can't move some workloads into this environment due to data sensitivity and regulatory issues. By taking a hybrid approach, businesses can manage their own private data centres for sensitive applications, with the flexibility and elasticity of public cloud where it makes sense.

A critical component of successfully adopting a hybrid approach is ensuring the right security posture is deployed to manage an organisation’s infrastructure, data and employees in a secure fashion.

5)    Greater focus on software-defined WAN in 2018

More security vendors will enter the software defined WAN (SD-WAN) space in 2018, as they look to capitalise on faster and more reliable internet connections to connect their remote locations and data centres together with tighter integration around security, instead of having to tap into more expensive solutions.

6)    Vendor consolidation creating opportunities for the channel

Australian and New Zealand resellers are increasingly looking to consolidate some of their overlapping security vendors with technology that achieves the same outcome, with a better price point for end users. This will lead to clearer vertical and product specific opportunities in 2018.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.