2015 has been the ‘year of the breach’ with almost weekly compromises becoming the norm. Cyber criminals seemed often to be one step ahead of the security industry, using an evolving arsenal of cyber attack techniques to successfully breach networks. It is therefore critical to discuss the cyber trends we can expect to see in 2016 and how companies can best protect themselves against these emerging threats.
2016 will be considered the ‘year of the exploit’. For instance, we will see a shift to higher impact cyber crime. This higher consequence crime is currently on the rise with nation states and organized criminal networks continuing to steal IP and other valuable information to gain economic advantages or cause a negative economic impact in rival countries. Groups will become bolder in their hacking operations, not content with just stealing data, but also affecting the functionality of systems or even destroying the stolen data so a company can no longer access it.
This year will also be characterised by a rise in stolen DNA and fingerprints to commit fraud and identity theft. We will see the stolen Personally Identifiable Information and Intellectual Property (IP) of organisations exploited to commit fraud, replicate identities and compromise consumers, commercial organisations and intelligence activities. This will increase the hacking of organisations that hold DNA and other data like fingerprints as these unique signatures are increasingly used for authentication to devices and services. This growing area of criminal activity will require a holistic approach to monitoring threat levels across organisations through specialized cyber security and intelligence software.
The final emerging vulnerability is the possibility of losing control of critical national infrastructure. Already, there is a real threat that the vulnerabilities of critical national infrastructures could fall into the wrong hands. Nuclear power plant ‘zero-day’ vulnerabilities for instance, can be purchased for only $US8, 000. As computer viruses continue to evolve, malware could be used to take control of the world’s large scale industrial control systems– eventually even extending to transport.
The Evolving Cyber Landscape
2016 will see a continuing skills shortage of people with the right cyber security skills. People who have direct first-hand experience in identifying cyber risks and improving defences are in high demand but low supply and this will worsen as the size of security teams increase.
With such a big shortfall, companies are starting to adopt Security as a Service (SECaaS) as a stop-gap measure. This outsources their security to another company that has more expertise and can scale more cost-effective security to all of its customers. Companies need to understand that while they can outsource responsibility they cannot outsource accountability, so need to consider the benefits and risks involved.
However, many organisations do not adequately assess the security practices of third-party partners and supply chains - despite findings that consistently point to breaches caused by third parties.
While most organisations do include security provisions in contract negotiations with external vendors and suppliers, what needs to change is the level of focus and standard of security expected. Currently these standards are too low and organisations must hold themselves and others to higher levels of cybersecurity.
Countering Cyber Threats
Governments are finally wising up to the fact that cyber crime, cyber espionage and cyber attacks are a defense issue. The way to combat the threat is through intelligence, and as many governments do with other forms of security intelligence, cyber security threat information will increasingly be shared between governments and commercial organisations alike.
We will continue to see these types of initiatives being adopted by governments, moving cyber security and breaches to a regulatory space. Commercial organisations and government departments need to be prepared for the impact, and this issue will once again become a board-level/ministerial conversation.
As cyber legislation tightens and requires increased accountability, companies will need a better understanding of network compromise. Many are turning to advanced analytics to identify threats and raise the alarm in order to discover the three stages of a hack – find what’s coming into the network, what it’s doing inside the network, where it’s leaving the network and what it’s leaving with.
This will require a greater investment in cyber intelligence technologies that enable rapid detection and response. Companies now understand sophisticated cyber criminals have rendered traditional perimeter defences, like firewalls, VPNs, and antivirus and malware tools ineffective. A priority for 2016 will be to detect threats inside the firewall as they develop to defend and ultimately prevent significant damage from occurring.
Organisations therefore need to apply a layered approach to security, as there is no one miracle piece of software which can protect against all never-before-seen threats. The use of analytics can also uncover any anomalies hidden within the network and allows organisations to act early in the threat timeline, before extensive financial and reputational damage can be done.
This, combined with a culture of cyber awareness from the board level down to all parts of the organisation, can provide a strong defence against the threat of high impact cyber attacks.