SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Six things the security industry can expect from 2018
Thu, 2nd Nov 2017
FYI, this story is more than a year old

As the end of the calendar year wraps up, the security industry is preparing for what 2018 may bring. According to Mark Lukie, senior sales engineer at Barracuda Networks, ransomware, hybrid cloud, channel opportunities, software-defined WAN and web breaches will continue to shape security.

Here are his predictions:

1)    Ransomware attacks will continue to rise in 2018

Ransomware attacks will become more widespread and targeted in 2018, as the tools cyber criminals leverage to take advantage of and develop intellectual property on to rent ransomware-as-a-service becomes more accessible.

We'll also see more ransomware attacks in 2018 using SQL injections to lock websites, rather than only blocking access to files. This will impose a higher ransom price, as well as making it much harder for companies not in control of their own websites.

The good news is that appears IT organisations are getting more adept at responding to ransomware attacks, but they shouldn't become complacent. While there's not one silver bullet approach for all businesses, they must continue protecting all entry points, whether it's email, web, end user devices or remote access, as well as focusing on their backup and disaster recovery strategies.

Artificial intelligence (AI) and machine learning are increasing being used to enable more effective and rapid detection of ransomware attacks and spear phishing.

2)        Office 365 use will continue to rise … as well as the threats

While moving email services to Office 365 is a fantastic way to provide anywhere access for employees and reduce costs, trusting your most important data to the cloud raises new concerns about security, compliance and data protection.

With more than 100 million monthly active subscribers and rising, the rapid adoption of Office 365 has made it a breeding ground for highly personalised, compelling attacks by cyber criminals. Office 365 Account Compromise attacks are on the rise, with attackers focused on attempting to steal login credentials and ultimately gain access to launch attacks from within an organisation.

A recent Barracuda survey indicated that over 85 percent of active Office 365 users said they're concerned about advanced threats (such as spear phishing, impersonation and ransomware attacks), while over 45 percent of respondents have already been a target of these types of attacks.

To avoid becoming a target, organisations need to augment the security, compliance and backup features of Office 365 with critical multi-layer security, archiving and backup. This will allow them to prepare, migrate and operate faster, safer and more efficiently in Office 365.

3)    Website breaches will continue to be front page news

Website breaches will continue to dominate headlines in 2018 – no company wants to be the next Equifax. With new legislation (Mandatory Data Breach Notification) coming into Australia, companies will be forced to focus more on security around their web applications and require better visibility and reporting wherever their applications reside.

4)    Hybrid cloud adoption to remain strong in 2018

As Australian and New Zealand organisations strive for greater flexibility in how they deliver infrastructure and data center solutions, we will continue to see an increase in hybrid cloud adoption in 2018. Hybrid infrastructure such as Azure Stack will become more prominent.

Despite public cloud adoption increasing in Australia and New Zealand, many companies (particularly government and financial institutions) can't move some workloads into this environment due to data sensitivity and regulatory issues. By taking a hybrid approach, businesses can manage their own private data centers for sensitive applications, with the flexibility and elasticity of public cloud where it makes sense.

A critical component of successfully adopting a hybrid approach is ensuring the right security posture is deployed to manage an organisation's infrastructure, data and employees in a secure fashion.

5)    Greater focus on software-defined WAN in 2018

More security vendors will enter the software defined WAN (SD-WAN) space in 2018, as they look to capitalise on faster and more reliable internet connections to connect their remote locations and data centers together with tighter integration around security, instead of having to tap into more expensive solutions.

6)    Vendor consolidation creating opportunities for the channel

Australian and New Zealand resellers are increasingly looking to consolidate some of their overlapping security vendors with technology that achieves the same outcome, with a better price point for end users. This will lead to clearer vertical and product specific opportunities in 2018.