Like death and taxes, there are only two safe predictions about cybersecurity in 2018: There will be more spectacular data breaches and the EU General Data Protection Regulation (GDPR) will go into effect on May 25. But as the continuing digital transformation of our lives entails the ongoing digital transformation of crime, vandalism and warfare, 2018 could also bring a lot of new takes on old vulnerabilities, some completely new types of cyberattacks, and successful new defenses.

The following list of 60 predictions starts with three general observations and moves to a wide range of cybersecurity topics: Attacks on the US government and critical infrastructure, determining authenticity in the age of fake news, consumer privacy and the GDPR, the Internet of Things (IoT), Artificial Intelligence (AI) as a new tool in the hands of both attackers and defenders, cryptocurrencies and biometrics, the deployment of enterprise IT and cybersecurity, and the persistent cybersecurity skills shortage.

1.) IoT vulnerabilities will get more critical and more dangerous. Despite this, there will be no real changes in US law to regulate these devices. This isn’t a very risky prediction; Congress is currently incapable of passing even uncontroversial laws, and any IoT regulation faces powerful industry lobbies that are fundamentally opposed to government involvement. More interesting is what’s happening in Europe. GDPR takes effect next year, and European regulators will begin to enforce it. The regulation has provisions on security as well as privacy, but it remains to be seen how they will be enforced. If Europe starts enforcing Internet security regulations with penalties that make a difference, we might start seeing IoT security improve. If not, the risks will continue to increase—Bruce Schneier, Schneier on Security

2.) Sophisticated adversaries will leverage the granular metadata stolen from breaches like Equifax, OPM, and Anthem, in precision targeted attacks that rely on demographic and psychographic Big Data algorithms powered by machine-learning and artificial intelligence. Attackers will deploy armies of bots to propagate the false narratives used to weaponize malicious fake news, inflate partisan debates, and undermine democratic institutions; meanwhile, they will launch multi-vector DDoS, ransomware, and malware campaigns to impede critical infrastructure cybersecurity and national security. The demographic and psychographic metadata will enable advanced spear-phishing operations against privileged critical infrastructure executives and pervasive Influence Operations against populations—James Scott, Senior Fellow, Institute for Critical Infrastructure Technology

We’re going to see more attacks that attempt to subvert two-factor authentication, as sophisticated attackers set their sights on two-factor authentication-protected accounts and use flaws in SS7 to redirect SMS text messages. In addition, software supply chain attacks like the MEDocs compromise with NotPetya will be more prominent—Paul Roberts, The Security Ledger

Attacks on the US government and critical infrastructure

3.) A nation-state sponsored group will commence a 5-day long DDoS attack against a critical US government (non-DoD) agency, shutting it down in order to show their strength—The Cyber Avengers

4.) Tension with North Korea will escalate online, leading to a cybersecurity war. North Korea has a defensive advantage because of the tight control of their network; therefore, China and Russia will have to play a large part in this war because of their close relationship to North Korea. We expect North Korea’s attack pattern to follow Russia’s example: targeted phishing campaigns and related “fake news” social media reports based on ideological boundaries, used to destabilize the internal social fabric of their adversaries and to gain technological advantage—Sean McNee, senior data scientist, DomainTools

5.) The probability is high that we will see the first major cyberattack on US critical infrastructure. We’ve already seen power grids and manufacturing plants in Europe attacked over the past two years — and 2018 will likely be the first year when we will see a significant attack on the United States critical infrastructure. In October, the FBI and DHS warned of advanced persistent threat activity targeting energy, nuclear, water, aviation, construction, and critical manufacturing sectors. Critical infrastructure companies are behind in preparing their operational facilities to confront cyberattacks — making them an easy target for politically-motivated attackers—Adi Dar, CEO, Cyberbit

6.) Next year, we will see a major compromise of a government agency’s online operations. It could come in the form of a data breach of personal information, defacement of websites, disablement of internal systems, or some combination of these. We know that governments are targets and threat actors are relentless—Tim Helming, director of product management, DomainTools

Determining authenticity in the age of fake news

7.) Fake news became a major issue in 2017 and will likely get worse in 2018. With CGI, Photoshop and voice-over technology, it’s almost impossible to tell if a photo or video is real or fake. Solutions such as digital signatures and encryption enabled on trusted recording devices could help combat this issue, but the camera industry needs to include these options on equipment used by the news media—Nigel Smart, Co-Founder, Dyadic

8.) In the face of fake news, the industry will develop a reputation management scheme that will allow individuals to verify their identities through an operation that records an interaction only a person can have. This reputation scheme will be universal and follow an individual across platforms, domains and online venues, even if the person wishes to remain anonymous—Simon Gibson, Fellow Security Architect, Gigamon, and former Bloomberg CISO

Consumer privacy and the GDPR

9.) Data privacy and data security have long been considered two separate missions with two separate objectives, but all that stands to change in 2018. With serious global regulations kicking into effect, and with the regulatory responses to data breaches increasing, organizations will build new data management frameworks centered on controlling data – controlling who sees what data, in what state, and for what purpose. 2018 will prove that cybersecurity without privacy is a thing of the past—Andrew Burt, Chief Privacy Officer and Legal Engineer, Immuta

10.) In 2017, there were several large-scale breaches that covered three key areas: sensitive healthcare information, government clearance information, and financial and credit data. In 2018, that data could become available on the dark Internet in aggregate, giving any individual or group the opportunity to conduct small-scale and highly targeted attacks such as bribery or eliciting an illegal act—Sean Curran, Senior Director, West Monroe Partners

11.) Chatbot takeover: In 2018, some financial institutions will begin using chatbots to facilitate payments, and this will lure cyber criminals who will impersonate good users and take over their accounts, possibly using remote access into the regular user PC to neutralize any device-based recognition—Uri Rivner, VP of Cyber Strategy, BioCatch

12.) As businesses increasingly become data-driven to gain competitive advantage, the security industry continues to introduce sophisticated technology tools to keep sensitive customer, employee and partner information safe. In 2018, the next frontier in this battle to protect information will be the advancement of technology powered data privacy management solutions. Through a holistic practice of data governance, businesses will ensure that data remains secure and compliant with global legal regulations and user privacy requirements—Chris Babel, CEO, TrustArc

13.) Our Identity is no longer ours. Personally Identifiable Information (PII) is no longer valid since so much of it has been exposed in breaches over recent years. Everyone needs to acknowledge that they have been breached and are vulnerable, and that attackers have more of our personal information than ever before. As a result, we will start to see new types of attacks that leverage the rich amount of PII that is publicly available. Given the huge pool of PII data collected it could be weaponized to cause massive attacks on major entities (e.g. government, financials, healthcare system, etc.), and the rich data they have on individual users could create uniquely sophisticated phishing/social engineering attacks that are undetectable and indistinguishable from the real thing, life-taker-over will be a possibility—PJ Kirner, co-founder and CTO, Illumio

14.) As the velocity and sophistication of security threats continue to rise, in-network threat detection and response must move to the top of every organization’s priority list in 2018 to reduce their potential for being breached. I also expect formal regulations will be enacted and consequences more heavily applied to organizations that do not implement a minimum standard of prevention, detection and response technology—Tushar Kothari, CEO, Attivo Networks

15.) We will witness an increase in GDPR-style legislation and regulations. Status of preparation and enforcement will be the top cyber concerns for company leaders and boards. Starting with GDPR, the EU has become a trendsetter for global data privacy and next year we are bound to see more countries striving to align with the privacy laws of the European Union—Jason Albuquerque, CISO, Carousel Industries

16.) Fraudsters are moving on from traditional transactional fraud towards the rich target of traveler profile and booking data, causing a renewed focus on industry solutions for privacy and security. Travel data is a rich target – profile data can give criminals access to passport and credit card numbers, home addresses and contact details, and even family and personal preferences. Booking data discloses movement and potentially confidential business activities. In 2018, the industry will continue to see increases in data breaches as cyber criminals refocus their attacks—Si-Yeon Kim, Chief Risk and Compliance Officer, American Express Global Business Travel

17.) As organizations realize the immensity of the task to become GDPR-compliant by the May 25th deadline, we will see a lot of panic. Ill-prepared organizations will have to quickly find a way to bridge the gap and become at least partially compliant. We foresee major challenges related to the reporting requirements; organizations will need to find a quick and efficient way to gather the full scope and possible/actual impact of a cybersecurity incident in order to avoid fines and all the bad PR that comes with it—Gilad Peleg, CEO, SecBI

18.) GDPR will be the Y2K of 2018: Companies are publicly touting their GDPR readiness, but behind closed doors, I expect a lot of uncertainty about the ability to comply with these new and incredibly strict guidelines. While GDPR won’t result in the same public hysteria as Y2K, IT practitioners who were around at the turn of the century will feel a bit of déjà vu. In particular, many companies in the US are waiting to see how GDPR plays out stateside, and I expect in the first few years after its enactment, the EU will look to make an example of a multinational who fails to check all the boxes—Malcolm Harkins, Chief Security and Trust Officer, Cylance

19.) Healthcare has become a high value target as technology in this industry is widely disparate, but is being connected over networks that are still catching up from a security perspective. I would predict more ransomware-style attacks that impact patient care or patient data—John Germain, CISO, Duck Creek Technologies

The Internet of Things (IoT)

20.) Brands have been quick to jump on the IoT bandwagon, but they will have their hands full. In 2017, we saw KRACK and BlueBorne exploit WiFi and Bluetooth, opening fresh holes in our already battered perimeters. Hackers will continue to leverage unprotected devices to spy on their users and break into home and corporate networks. Multiple botnets exploiting vulnerable IoT devices will be new minions in DDoS attacks, and threaten to take down news and government websites. Millions of consumers will fail to realize that their IoT devices and home networks are being exploited until they finally get to the bottom of why Stranger Things is so slow to download, and unplug their internet-connected toothbrush. Manufacturers will start to address these security faults or risk losing to the companies that bake-in security from the start. GDPR may save the day in the long run, forcing businesses to reconsider personal data collection via IoT, but we won’t see this effect until at least 2019—Ken Spinner, VP of Field Engineering, Varonis

21.) 2018 will be a challenging year for the Industrial IoT (IIoT) industry. Hackers know that these companies are now online and more connected than ever, which increases vulnerability. Security is crucial, because a hack could spell life-or-death for consumers. For example, if a car manufacturer’s assembly line was hacked, it could cause vehicle malfunctions, endangering passengers and causing reputational and liability problems for the company. For these reasons, we will start seeing more cyber-security companies targeting this market with solutions. To effectively manage the expected influx in cyber events, IIoT organizations will need to increase spending on cybersecurity initiatives—Shachar Daniel, CEO, Safe-T

22.) In 2018, we will see the first medical IoT hack leading to stolen data. I can imagine an MRI machine or a sonogram being hacked, and scans, alongside patients’ personal information, being leaked to a public forum—Renaud Deraison, Co-Founder & CTO, Tenable

23.) Since 2015 we’ve seen a huge uptake in the development of commercial uses for drones including: construction surveying, mine surveying, delivery services, agricultural monitoring, most recently disaster and insurance assessment, etc. These devices range anywhere from a few pounds, up to 50+ pounds, and are guided either by a connected pilot or via an autonomous system; both of which are susceptible to influence or interruption by external actors. Drone manufacturers are in a race right now to create the “GoPro” of the drone industry, the product that defines the entire market, and in this race security most likely will be an afterthought. Early attacks will probably start out as amateur script kiddies trying to see if they can hack a flying drone, but could evolve into coordinated attacks by professional hackers—John Comwell, senior data scientist, DomainTools

24.) As we look at the IoT, especially at OT-type environments and manufacturing plants, where there are industrial-type systems that are all connected, we’re starting to see how the operational world and the traditional IT world will come together. We will see continued merging of traditional safety (e.g. safety of employees) and IT security. And the more connected devices we see, the more prevalent this integration will become—John Grimm, chief strategist for cloud and IoT security, Thales eSecurity

25.) Smart homes are the newest trend to grow by leaps and bounds this year and we can connect everything from lights, toasters, door locks, cameras, thermostats, and even refrigerators to our networks. While this initially seems like a cool and convenient way to automate processes in our home, these items aren’t rigorously tested from a cybersecurity perspective. Hackers can exploit unknown vulnerabilities present in these connected devices to breach your home’s networks or to gain unauthorized access to your home without having to resort to traditional methods of breaking into the house—Antwanye Ford, CEO and President, Enlightened

Artificial Intelligence as a double-edged sword

26.) The way the good guys and bad guys use AI will shift. Cybersecurity is an arms race and the weaker party will resort to asymmetric means to achieve its goals. Just as organizations are adopting machine learning and AI to improve their cybersecurity posture, so are the threat actors. Attackers are using machine learning to speed up the process of finding vulnerabilities in commercial products, with the end result being that attackers will use ever more new exploits without signaling that AI was involved in their creation. AI will also increase the number of qualified cybersecurity professionals as it lowers the barriers of entry into the profession and allows less trained individuals to still be effective on the front lines of the cybersecurity battle. In addition, AI will allow existing cybersecurity professionals to move up-market by leveraging AI to find more complex attack scenarios before they do significant damage—Oliver Tavakoli, CTO, Vectra

27.) Across the board, more criminals will use AI and machine learning to conduct their crimes. Ransomware will be automatic, and bank theft will be conducted by organized gangs using machine learning to conduct their attacks in more intelligent ways. Smaller groups of criminals will be able to cause greater damage by using these new technologies to breach companies and steal data. At the same time, large enterprises will turn to AI to detect and protect against new sophisticated threats. AI and machine learning will enable them to increase their detection rates and dramatically decrease the false alarms that can so easily lead to alert fatigue and failure to spot real threats—Mark Gazit, CEO, ThetaRay

28.) Traditional spear phishing attacks required an intense amount of human labor, therefore have been relatively costly. In 2018, greater access due to less expensive artificial intelligence will result in a high number of targeted malware attacks designed to do something new: Blackmail—Miller Newton, CEO, PKWARE

29.) Automation will likely take center stage in 2018 as the leading security trend. On the whole this is good news, because it ensures that more actors have adequate security postures, and it makes sense for modular devices (like IoT) that present difficulties when it comes to firmware upgrades, but automation also creates a number of challenges, namely for industries dependent on older versions of software, firmware and operating systems. In addition, automated security updates across the board could actually make it easier for hackers to carry out large-scale attacks that will affect a larger number of endpoints that are on the automated update schedule—Ofer Amitai, CEO, Portnox

30.) The same technologies that improve corporate defenses will also likely be used to attack them. An AI with all the right information about a target could ultimately trick them into clicking anything or sending out any data desired. Advances in AI and machine learning are a double-edged sword, improving product experience but also useful for hackers and cybercriminals—Gene Stevens, Co-Founder and CTO, ProtectWise

31.) AI-based analysis of behavioral biometric data will be the next major trend in cyber security and data protection. Sophisticated machine learning algorithms are able to build up a profile of a user’s typical behavior, identify unusual patterns of activity and highlight potential threats in real-time, before they have a chance to materialize. By automatically identifying suspicious data the whole security process becomes more efficient, obviating the need for a painstaking manual review of log data—Csaba Krasznay, security evangelist, Balabit

32.) Cyber threat detection will become more automated and advanced in threat classification and analysis. The next stage in the utilization of dark web monitoring will be the automation of HUMINT (human intelligence) – the interactions with threat actors necessary for deeper investigations. Security companies will develop chatbots supported by deep learning algorithms that are able to approach hacking forum members, analyze their responses and skip several manual stages—Alon Arvatz, co-founder and CPO, IntSights

The trouble with Cryptocurrencies

33.) Cryptocurrency was a “killer app” and enabled and fueled the growth of ransomware and related ransom threats in 2017. This will continue to grow in 2018 to include holding identities for ransom. Users will receive emails or phone calls telling them that their SSNs and other information have been compromised (with evidence) and then instructed to pay via bitcoin to prevent the data from being leaked—Michael Klatt, VP of research and development, DomainTools

34.) In 2018, a major vulnerability will topple the value of one of the popular cryptocurrencies, causing it to effectively “die”. Cryptocurrencies, including Bitcoin, Ethereum, Litecoin and Monero, maintain total market capital of over $1 billion, which makes them a more appealing target for hackers as their market value increases. Several hacks against Ethereum have temporarily dropped its value in the past few years – we predict that in 2018, a major hack against one of these cryptocurrencies will damage public confidence to the extent that it never recovers—Marc Laliberte, Information Security Threat Analyst, WatchGuard Technologies

35.) [Bonus Update] 2018 will pose security challenges to cryptocurrencies. 2018 will also see a slew of vulnerabilities like the flaw with Parity and the Ethereum currency that led one developer to lose $300 million in cryptocurrency. With cryptocurrencies becoming more mainstream, 2018 will also see more malicious activity and malware of the sort that allowed hackers to copy and replace data with CryptoShuffler. Hackers swapped legitimate owners’ addresses with the hacker’s address, as if a crypto transaction had occurred. Despite these dangers, cryptocurrencies will grow with many smaller transactions taking place–Michael Shalyt, CEO and Co-Founder, Aperio Systems

35.) [Bonus Update] Another major breach on a cryptocurrency exchange will lead to a substantial decline in Bitcoin value and other major cryptocurrencies, further government involvement will be seen with regulations beginning to form to remove some of the original core principles around anonymity to reduce fraudulent use. Banks will be first to create a regulated currency followed by Russia and China and possibly followed by the big 5 tech companies–Paul Barnes, Senior Director, Product Strategy, Webroot

Biometrics and multi-factor authentication

36.) Passwords are horrible, impersonal and put the burden on users to prove who they are. With the launch of Face ID, after the huge success of fingerprint readers in iPhones and Android devices, we will see more, true consumer-ready biometric authentication capabilities. Combined with the progress in Push Authentication (Google just defaulted to this over SMS authentication) and the mass of device data, we will finally see our biological selves become more securely connected to our digital identities—Simon Thorpe, Director of Account Security Products, Twilio

37.) In 2018, it’s time to start thinking beyond two-factor authentication and start considering what’s next for safeguarding our systems. Organizations will begin adopting automated tools to analyze their social media presence for threats and suspicious behavior, just as they do now on their own network. Moreover, the traditional method of employee training will become even more crucial for organizations—Phil Tully, Principal Data Scientist, and Zack Allen, Manager, Threat Operations, ZeroFOX

38.) In 2018, we’ll see less emphasis on traditional passwords and more on ways to achieve security via two-factor authentication techniques involving biometric solutions like voice recognition, facial scans and fingerprints. For security vendors, the storage and record-keeping stakes are higher to protect biometric data because contrary to a credit card number that can be discontinued, you can’t replace a person’s facial structure with a new one once a facial scan is compromised—Darren Abernethy, senior global privacy manager, TrustArc

39.) The Infrared market will get a boost from biometrics technology in 2018. Biometric Identification is introduced on a growing list of devices. With better illumination and the ability to generate IR images of the user, the more accurate facial recognition applications become, reporting fewer false positives. With personal identification and security matters on everyone’s minds, the demand for high-performance, reliable biometrics is exponentially growing—Mark Adams, CEO, Lumileds

40.) In 2018, midsize and distributed enterprises will finally adopt multi-factor authentication (MFA) in droves. In 2017, 81 percent of hacking-related breaches involved stolen or weak credentials, so the security industry agrees that MFA is the strongest type of authentication – but until now, the adoption of MFA systems has been hindered by their complexity and requirements for on-premises infrastructure. In the coming year, we believe the continued growth of SaaS and smartphones will spur massive MFA implementation amongst SMBs and distributed organizations—Corey Nachreiner, Chief Technology Officer, WatchGuard Technologies

41.) Increasing use of multi-factor and biometric authentication: Through the maturing of technologies like neural chips and deep learning, we’re seeing significant improvements in the accuracy and reliability of a variety of biometrics that can make authentication of drivers, passengers, and 3rd parties like delivery services, retailers, service personnel, etc. both safer and more convenient. As they grow cheaper and more effective, stronger authentication technologies can be embedded in vehicles and even infrastructure, enabling new modes of “frictionless” commerce. Apple Face ID is one example, where the chance of a rogue match is reportedly decreased from 1 in 10,000 for Touch ID fingerprints to 1 in 1,000,000 for faces. In addition, the variety of biometrics is expanding beyond some of the more traditional types like fingerprints, face recognition, and voice to things like gait and even heart shape. Together with sensor fusion, a variety of biometrics can be combined to provide strong authentication with minimal inconvenience, enabling fast, safe, and almost frictionless use of connected transportation—Shaun Kirby, CTO, Cisco

42.) [Bonus Update] 2018 will be an interesting year for biometrics with Apple’s shift to Face ID on the iPhone. It will likely be the largest adoption of facial recognition technology in history and the response from iPhone users and security researchers is of great interest to the security community. It’s certainly a sign that biometrics are becoming more of a commonplace technology with a critical place in authentication. It’s interesting to see the consumer market leading the enterprise market in the adoption of biometrics. The major smartphone vendors are making it easier for the enterprise market to move towards passwordless–Stephen Cox, Chief Security Architect, SecureAuth

The deployment of enterprise IT and cybersecurity—Cloud, DevOps, etc.

43.) Cyber attackers will begin looking at mainframes as a future source of attacks. Overlooked by security teams whose attention is diverted to protect the latest mobile or cloud-based innovations, mainframes are the epicenter of financial services for thousands of global organizations including 92 of the world’s top 100 banks, posing an attractive higher value target for attackers. These systems currently support 29 billion ATM transactions a day and 87% of all credit card transactions. Mainframes can also be utilized for multiple different attack scenarios, particularly espionage. From a single location, an attacker could gather significant competitive or strategic intelligence—Ofer Israeli, CEO, Illusive Networks

44.) Humans will continue to be the weakest link in security. While vendors will come out with new whiz-bang capabilities in 2018 using artificial intelligence, machine learning and blockchain, most will fall short of the mark when it comes to securing the enterprise—Ian Paterson, CEO, Plurilock

45.) Cyber Security truly arrives on Main Street in 2018 – this will mean that SMBs are going to realize en masse that they are now just as vulnerable (if not more) and have more to lose than their larger counterparts in the private sector. The volume of articles and reports on the costs and value of different cyber tools and services will exceed that of 2017—Jon Loew, CEO, AppGuard

46.) As businesses continue to migrate to the cloud and with increasing adoption of containers it becomes critical to integrate security into DevOps. This becomes essential with the deployment and tracking of thousands of lightweight containers that can be leveraged by malicious threat actors. Attackers who previously spun malicious software processes to establish persistence can now launch containers inside the datacenter and do the same across multiple containers. Deception technology will make it possible for DevOps to provide early detection of malicious activity and lateral movement inside data-centers—Venu Vissamesetty, vice president of research, Attivo Networks

47.) More organizations will turn to SaaS-based security solutions to enable them to move to the cloud, and they’ll more immediately reap the benefits — visibility, forensics and analytics at scale, DevOps-friendly technology, and an end to solution sprawl—Kelly Brazil, VP of Systems Engineering, ProtectWise

48.) Security software will have a target on its back. In 2018, we anticipate that cybercriminals will look to target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can take control of devices and wholeheartedly manipulate users. As more events of these types become known, the public and business perception of security software, and particularly antivirus solutions, will further deteriorate—Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes

49.) Enterprises will make a meaningful move to predictive security rather than reactive. The market is becoming more sophisticated when it comes to cloud security and they are pushing the envelope around integration and incident life cycle management. We predict that companies will really start to be much more proactive at managing security within the DevOps lifecycle. There is a huge need to integrate security into the development process rather than reacting to issues once a project has been deployed to production. If companies can implement the DevSecOps mindset into both their culture and products in 2018 then security will be all around better for it. This mindset will need to affect both hiring practices and processes for companies and it will potentially fundamentally change what a security engineer looks like—Tim Prendergast, CEO, and John Martinez, VP of Customer Solutions, Evident.io

50.) In 2018, we will see a rise in insider threats and compromised business addresses. Attackers will spend more time on the attack gathering as much data as they can and will target key people in a company to either turn or compromise for their own gain. Additionally, business addresses will be compromised for use in attacks. Websites will be compromised to host malware, digital currency mining operations, or data gathering—Bob Adams, cybersecurity strategist, Mimecast

51.) Everything in technology is a pendulum swing, with constant shifts back and forth, and the emergence of the cloud is a classic example. In 2018, we’ll see the pendulum swing back to managing things on premise rather than the cloud. Nation-state paranoia has created a desire to keep data close to home, so we’ll likely experience a shift into data being stored on-prem rather than virtually. In a perfect world, this is not the best solution; rather, enterprises should strike a balance between keeping certain security elements in the cloud and others onsite—Neill Feather, President, SiteLock

52.) Enterprise ransomware will become a major trend. Disruptive and destructive attacks came to the forefront in 2017 with the WannaCry, NotPetya and BadRabbit malware outbreaks that have successfully taken companies offline for days and, in some cases, even weeks. While mostly destructive and not truly ransomware in nature, these attacks highlighted the potential for criminal groups to hold entire networks hostage while demanding millions of dollars in ransom from businesses who need to get their operations back up and running. These viral ‘enterprise ransomware’ attacks will likely become a major trend amongst the e-crime actors in 2018—Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike

53.) In 2018, organizations will be fighting the next wave of highly sophisticated attacks from well-funded criminal and nation-state actors with mostly the same solutions they’ve had in place for the past few years. Nothing truly innovative has received wide market adoption and this will give an asymmetric advantage to the attackers, resulting in some unpleasant surprises that will play out in boardrooms and C-suites throughout the year. For example, I predict the first truly disastrous attack on one of the three largest public cloud providers (Amazon AWS, Microsoft Azure or Google’s GCP) as well as more destructive attacks and even larger data breaches. This will result in a temporary slowdown of cloud adoption and fines reaching the $125M-$150M levels, based on the enforcement of the EU’s General Data Protection Regulation (GDPR), which is due to take effect on May 25, 2018—Nir Gaist, Founder and CTO, Nyotron

54.) In 2017, eCommerce fraud jumped 300-600 percent, compared to fraud rates in 2016. The fraud rate grew considerably especially post July 2017, which is highly correlated with the timing of the Equifax breach. This dramatic growth in fraud rates varies by vertical (i.e. footwear v. apparel v. cosmetics); however, the increase is directly correlated with recent major data breaches, where fraudsters gain access to consumer emails and passwords and use them to make purchases before the consumer realizes their vulnerabilities. As a word of warning to merchants out there, when you see a sudden increase in fraud that can’t be explained, don’t be surprised if you see an announcement in the coming months that a data breach occurred right around the same time. In 2018, we can expect that cyber-criminals will continue to target businesses with increasingly sophisticated strategies and retailers will need to respond with greater measures of protection such as machine learning, velocity engines and biometrics—Michael Graff, Risk Analytics Manager, Radial

55.) The overall security landscape in 2018 will be centered around two things, the cloud and IoT. Each of these leads to one overarching challenge for security teams: scaling their security solutions to maintain pace with skyrocketing bandwidth demands. The rapid decentralization of the workforce and business cloud applications will exponentially increase complexity as securing this distributed bandwidth will be a challenge if using a centralized approach to cybersecurity. Organizations will need to quickly come up with a solution that can secure this suddenly massive amount of bandwidth without facing prohibitive cost increases—Paul Martini, CEO and Co-Founder, iboss

56.) Security spend will shift from infrastructure to the application: Leading-edge security organizations are moving towards perimeter-less security, changing how they allocate their budget. The perimeter has shrunk to the individual application, causing attackers to adjust their methodologies. Most major compromises are now targeted at the application itself and the data within, via the web application, the API, or even microservices. Attackers have shifted their methodologies to match the modern design paradigms; in 2018, enterprises will shift their security programs to match these changes—Tyler Shields, VP of Marketing, Strategy & Partnerships, Signal Sciences

57.) Standardized hacking techniques will make attribution even harder: In 2018, more threat actors will adopt plain-vanilla tool sets, designed to remove any tell-tale signs of their attacks. For example, we will see backdoors sport fewer features and become more modular, creating smaller system footprints and making attribution more difficult across the board. And, as accurate attribution becomes more challenging, the door is opened for even more ambitious cyberattacks and influence campaigns from both nation-states and cybercriminals alike—Kevin Livelli, Director of Threat Intelligence, Cylance

It’s the people, stupid

58.) In 2018 the role of the CISO will continue to evolve to encompass public policy, law enforcement, privacy and an understanding of the threat landscape. While the industry has grown rapidly, we have a lot more maturing to do as new integrations of systems and technologies, as well as politics emerge. Maturity is something the entire industry struggles with, but we anticipate it to progress much further in 2018—Justin Somaini, CSO, SAP

59.) According to recent research, only 11% of the world’s information security workforce are women. A number of organizations are dedicated to helping women succeed in cyber security, such as Women’s Society of Cyberjutsu (WSC). The lack of security talent also presents a massive opportunity in 2018 for women to enter the field to make up for the talent shortage currently seen in cybersecurity—Mike McKee, CEO, ObserveIT

60.) In 2018, more companies will adopt security-first thinking. Imagine a moat surrounding a castle, protecting the king, queen, and other residents from invaders. Only in this case, instead of people you have Personally Identifiable Information (PII), proprietary files, intellectual capital, medical information, legal documents, and other information that should only be seen and shared with the people and organizations you authorize. To adopt such a culture at your organization, get your people thinking about security with regular awareness campaigns, simulated security attacks with phishing and other attack vectors, and improved record keeping policies to manage and encrypt key organizational data—Erik Brown, CTO, GigaTrust

61.) The current talent gap in cybersecurity skillsets is truly massive and in 2018, it will only widen. The industry will continue to require a diverse set of skills as cyber resilience strategy advances. Organizations will begin to look at nontraditional roles, experience and education, based on the right attitude and aptitude, to fill these much-needed cybersecurity positions—Jason Albuquerque, CISO, Carousel Industries

62.) Companies will create their own cyber talent: As the cyber skills shortage continues to increase, enterprises will recognize they need to create their own cyber talent rather than waiting for it to appear. In 2018, organizations will become more proactive about addressing the cyber talent gap and implement internal training to create more talent. Companies will also begin pushing the public dialogue towards more cyber skills education at an earlier age—Neill Feather, President, SiteLock.

  • Content by: Gil Press, Forbes Contributor
  • Originally published at: https://www.forbes.com/sites/gilpress/2017/11/26/60-cybersecurity-predictions-for-2018/
