5 cyber security predictions for 2016

How to defend your business against the worst hackers have to offer in the New Year

Hacker hand

When it comes to crystal ball gazing in the tech world, the rule of thumb is not to do it as you only end up looking like an idiot in 12 months' time.

This time, though, the sad truth of the matter is that predicting the shape of the IT security threatscape for next year really isn't that hard: 'more of the bloody same' pretty much sums it up.

But while exploit kits, DDoS attacks, and ransomware will all continue marching into the enterprise and doing damage, these threats will also evolve to become more dangerous.

Here's five IT security predictions to mull over as you recover from your New Year's Eve party.

Advertisement - Article continues below
Advertisement - Article continues below

Evolution not revolution

Criminals, be they of the cyber variety or any other, tend to stick to what they know works. However, the good guys are always upping the stakes by making it harder for that stuff to work, which forces the criminals to modify and improve their attacks.

Both the tactics and the tech are being constantly tweaked to make it harder to detect what is going on, and therefore making these attacks harder to stop.

What doesn't move, of course, are the goalposts: the bad guys are still after your data. This means you should focus on making it not only as hard as possible to access, but also useless to a thief if they do get through the barricades (yes, we're talking encryption here).

But what about the revolutionary changes, surely there must be some threats that fall outside of the 'slightly tweaked' norm, surely there must be some things that won't be obvious on the radar?

I'm not convinced that's actually true, at least not in the sense of being able to predict what they will be. Revolutions tend not to be announced in advance, after all. What we can do, though, is second guess the likely moves that will impact the enterprise and suggest you keep an eye open for them.

Advertisement - Article continues below

Harder, stronger, deeper, longer

One such shift will be more specific platinum breaches as criminals pick their targets, rather than adopting a scattergun approach. A platinum breach is the one that makes the headlines, the big job, the attack that yields a stupid-millions data haul.

The bad guys are likely going to rely less on broad-brush attacks when targeting these large enterprises and instead go deeper and narrower, becoming more sophisticated and spending more time and money to breach the defenses.

We've already seen such incidents as the TalkTalk data breach and the OPM hack in 2015 expect more in the New Year.

Advertisement - Article continues below

Arm the Androids

The weaponising of Android attacks could, finally, become a reality in 2016. We've already seen the warning shots being fired across the bows of the mobile landscape: Stagefright was a very near miss.

Advertisement - Article continues below

I've singled out Android for two reasons: market size and fragmentation. It has the largest number of mobiles users by a massive margin, and the OS is fragmented across handsets and versions. So not only is the opportunity for profit enormous for the bad guy, but the ability to roll out security protection against newly discovered vulnerabilities is hamstrung by the fragmented nature of the beast.

Internet of Insecure Things

Although it's not really that new, it's proving to be a revolutionary element of the tech sector, albeit in a somewhat laid back and gentle way. Yes, I'm talking about the Internet of Things (IoT), which cannot have escaped your attention and certainly hasn't passed the criminal fraternity by. The bottom line is that your data is valuable so you need to understand where it is going, and protect it both on the way and at the destination.

That's not proving as easy as you might hope for when it comes to a myriad of low-powered and minimally-resourced yet connected widgets. The exceptions are likely to be smartwatches, if adoption continues on an upward curve in 2016. These pack a fair amount of power onto the wrist, and can hold (or have access to) a lot of data.

Skills gap obesity

Perhaps the biggest threat organisations face in 2016 is the widening skills gap between those who would steal our data and those who can protect it. Security budgets are not bottomless pits, and there is often not enough money to enable IT security teams to both keep up with all developments within the threatscape and maintain the daily routine the job requires.

Advertisement - Article continues below

Criminal enterprises and state sponsored actors have the money to hire in the specialist skillsets required for a particular attack, they have the luxury of knowing precisely what they plan to do.

IT security teams, meanwhile, have to try and defend against everything and that is doomed to fail. Which brings me back to something I've said before and will keep saying again and again: it's all about the data, stupid...

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


chief information officer (CIO)

CIOs are taking their seat at the boardroom table

17 Jan 2020
Business strategy

CIO job description: What does a CIO do?

7 Jan 2020
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020