Netwrix Corporation: Top 5 Emerging IT Security Threats for 2017
December 2016 by Netwrix
The year 2016 was definitely not the best year for cybersecurity. A series of headline-making breaches like those at MySpace, LinkedIn, Friend Finder Network and Mossack Fonseca have proven that hackers are currently beating organizations in the field of data protection. In 2017, the situation is unlikely to get better; rather, we will see an increase in sophisticated attacks that force organizations to seek new ways to safeguard their businesses against growing cyber threats.
Netwrix Corporation, the first vendor to introduce a visibility and governance platform for hybrid cloud security, looks at the cybersecurity trends and threat patterns that are most likely to affect organizations in 2017:
1. Connected systems and devices. Increasingly connected infrastructures and the widespread adoption of IoT will bring new security risks and expand the surface for cyber attacks. Hackers will likely try to exploit vulnerabilities within smart systems to gain access to organizations’ critical assets, and they may even put people’s lives in jeopardy (e.g., by sabotaging self-driving cars).
2. Cloud hacks. According to the Netwrix 2016 Cloud Security Survey, cloud is gaining traction, with the number of organizations using the technology increasing from 43% in 2015 to 68% in 2016. However, growing volumes of sensitive data stored in the cloud will stimulate hackers to invent new ways to compromise IaaS and SaaS providers. Another disturbing trend will be a rise in DDoS attacks targeting cloud and hosting service providers, which are already called a “new ransomware” and may potentially make CISOs more reluctant to use cloud technologies.
3. State-sponsored attacks. Culprits backed by nation-states will remain a headache for governments and businesses alike, due to their ability to perform large-scale attacks without being noticed. State-sponsored hackers will use ever-more sophisticated techniques to sabotage elections, bring disorder to business operations and steal information about projects of national significance.
4. Machine learning. Machine learning has amazing potential in the cybersecurity field, but in 2017, this technology will be of great interest to hackers as well as IT pros. While organizations will use machine learning as a tool to improve detection of anomalies in user behavior, generate threat predictions and remediate security issues, culprits may use its algorithms as a weapon to enhance social engineering attacks or perform vulnerability scanning.
5. New security regulations. The growing market demand for stronger security will force regulatory bodies to develop new compliance standards and legislations in response to the latest cybersecurity threats. At the same time, organizations will likely increase their use of self-regulatory procedures to regularly monitor their own adherence to standards.
“Critical infrastructures, cloud services and internet of things will be under severe pressure in 2017, as cyber attacks continue to mature and expand,” said Michael Fimin, CEO and co-founder of Netwrix. “The additional threats are coming from nation-state and sponsored attackers, who are ready to use their power to obtain highly sensitive data from federal governments and large enterprises. In light of the devastating breaches of 2016, organizations need more than ever to have pervasive visibility across their IT environments and make sure their security mechanisms are strong enough to protect them against emerging threats.”