5 cyber security predictions for 2016

How to defend your business against the worst hackers have to offer in the New Year

Hacker hand

When it comes to crystal ball gazing in the tech world, the rule of thumb is not to do it as you only end up looking like an idiot in 12 months' time.

This time, though, the sad truth of the matter is that predicting the shape of the IT security threatscape for next year really isn't that hard: 'more of the bloody same' pretty much sums it up.

Advertisement - Article continues below

But while exploit kits, DDoS attacks, and ransomware will all continue marching into the enterprise and doing damage, these threats will also evolve to become more dangerous.

Here's five IT security predictions to mull over as you recover from your New Year's Eve party.

Evolution not revolution

Criminals, be they of the cyber variety or any other, tend to stick to what they know works. However, the good guys are always upping the stakes by making it harder for that stuff to work, which forces the criminals to modify and improve their attacks.

Both the tactics and the tech are being constantly tweaked to make it harder to detect what is going on, and therefore making these attacks harder to stop.

What doesn't move, of course, are the goalposts: the bad guys are still after your data. This means you should focus on making it not only as hard as possible to access, but also useless to a thief if they do get through the barricades (yes, we're talking encryption here).

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

But what about the revolutionary changes, surely there must be some threats that fall outside of the 'slightly tweaked' norm, surely there must be some things that won't be obvious on the radar?

I'm not convinced that's actually true, at least not in the sense of being able to predict what they will be. Revolutions tend not to be announced in advance, after all. What we can do, though, is second guess the likely moves that will impact the enterprise and suggest you keep an eye open for them.

Harder, stronger, deeper, longer

One such shift will be more specific platinum breaches as criminals pick their targets, rather than adopting a scattergun approach. A platinum breach is the one that makes the headlines, the big job, the attack that yields a stupid-millions data haul.

The bad guys are likely going to rely less on broad-brush attacks when targeting these large enterprises and instead go deeper and narrower, becoming more sophisticated and spending more time and money to breach the defenses.

Advertisement - Article continues below

We've already seen such incidents as the TalkTalk data breach and the OPM hack in 2015 expect more in the New Year.

Arm the Androids

The weaponising of Android attacks could, finally, become a reality in 2016. We've already seen the warning shots being fired across the bows of the mobile landscape: Stagefright was a very near miss.

I've singled out Android for two reasons: market size and fragmentation. It has the largest number of mobiles users by a massive margin, and the OS is fragmented across handsets and versions. So not only is the opportunity for profit enormous for the bad guy, but the ability to roll out security protection against newly discovered vulnerabilities is hamstrung by the fragmented nature of the beast.

Internet of Insecure Things

Although it's not really that new, it's proving to be a revolutionary element of the tech sector, albeit in a somewhat laid back and gentle way. Yes, I'm talking about the Internet of Things (IoT), which cannot have escaped your attention and certainly hasn't passed the criminal fraternity by. The bottom line is that your data is valuable so you need to understand where it is going, and protect it both on the way and at the destination.

Advertisement - Article continues below

That's not proving as easy as you might hope for when it comes to a myriad of low-powered and minimally-resourced yet connected widgets. The exceptions are likely to be smartwatches, if adoption continues on an upward curve in 2016. These pack a fair amount of power onto the wrist, and can hold (or have access to) a lot of data.

Skills gap obesity

Perhaps the biggest threat organisations face in 2016 is the widening skills gap between those who would steal our data and those who can protect it. Security budgets are not bottomless pits, and there is often not enough money to enable IT security teams to both keep up with all developments within the threatscape and maintain the daily routine the job requires.

Criminal enterprises and state sponsored actors have the money to hire in the specialist skillsets required for a particular attack, they have the luxury of knowing precisely what they plan to do.

IT security teams, meanwhile, have to try and defend against everything and that is doomed to fail. Which brings me back to something I've said before and will keep saying again and again: it's all about the data, stupid...

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020
Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020