Another year has passed and it was one that encapsulated the need for businesses to make cybersecurity a regular boardroom topic. 2017 has highlighted that basic security hygiene is lacking and this is why some of the most successful attacks have come from using basic methods. However, with the General Data Protection Regulation (GDPR) expected to force organisations to adopt best practice controls, threat actors will look to stay one step ahead and repeat the disruption they have caused in 2017. So what will this mean for organisations in 2018 and how should they prepare? Here are my five predictions:
GDPR will force organisations to assess their wider data security practices
With GDPR fast approaching, organisations are realising they have no easy way to map all of their critical data, whether unstructured, structured, or big data, and monitor how it is processed or controlled in a complex infrastructure of virtualised, on-premise and cloud environments. With the principles behind GDPR focused on securing data and 'privacy by design', security teams will be looking to implement a strategic approach for integrating security tools into the data lifecycle, to avoid hefty fines, keep a competitive edge and be seen as a trusted organisation.
Attention will be turned inside out
Insider threats are becoming a greater risk to businesses, not just in terms of negligent or malicious employees, but also in terms of the collaboration from external attackers. Attackers are increasingly using techniques such as advanced phishing and social engineering to steal privileged credentials, which allows them to move inside sensitive networks by masking themselves as trusted employees. Security teams will need to start looking at using the right combination of technology, people and processes to put in place a robust insider threat program and this is where we can potentially see Managed Detection and Response (MDR) services playing a bigger role in the industry.
Organisations will require cloud-delivered security to fit their cloud plans
2018 will see increased adoption of cloud-based security services, in order to have quicker access to advanced enterprise security that can scale at the pace of digital transformation. As cloud projects are implemented in order to keep operational costs down and streamline efficiency, the same requirement will be expected of security. However, managing multiple technologies in hybrid environments will require working with a strategic managed security services provider (MSSP) in order to provide a central interface for monitoring these assets and funnel the huge number of alerts into critical incidents, as opposed to being bombarded with false positives.
Security skills will be a critical factor in enabling digital transformation
Organisations will continue to transform their digital assets in order to optimise their time-to-market and customer experiences. However, 2017 has shown us that not embedding cyber resilience into these projects can mean losing customers and spending huge amounts of time and money to recover from breaches. This has partly been due to poor security practices, but also due to the lack of security skills to cope with new technologies, both in IT and security. Organisations will need to assess whether they have the right skills in place to enable digital transformation whilst responding to the inevitable onslaught of advanced cyber attacks.
Incident response will require better incident readiness
The constant rounds of large-scale breaches in 2017 have given organisations a lot to think about, especially how best to respond to an attack. Our 2017 Risk:Value report showed that organisations expect to take an average of 74 days to recover from a breach. Proactive measures will be looked at in order to better prepare for advanced persistent threats (APTs) and ensure business disruption is kept to a minimum. This will require a robust and flexible partnership with security experts who can implement the right processes and controls from the start but also respond quickly to an attack, should the worst happen.