Cyber-attacks and data breaches have dominated the headlines in 2016 with a long list of high-profile names falling victim to attack. As 2016 draws to a close, more companies than ever before can expect to be targeted by hackers in 2017. With threats rapidly evolving, what top cybersecurity trends can businesses expect in the coming year?

1. Attacks launched through connected things

From connected thermostats, security cameras and refrigerators, the IoT economy shows no sign of slowing down in 2017. However, billions of IoT devices can be seen as weakly defended points of access. IoT manufacturers are failing to secure their products to protect against attacks launched through IoT devices, as with the DDoS attack launched on Dyn earlier this year, and the Mirai botnet just last week. The rush to market has meant old versions of standard software are being used and these can quickly be exploited over and over again. The industry will need to find a way to embed protection in the network, at the data level.

2. Investment in machine learning

A shortage of cybersecurity experts is leaving many businesses open to an attack. In countries where experts are in high demand, we can expect investment in machine learning to multiply, not only to fill this skills gap, but provide a scalable means to automate detection of attack vectors and events. Machine learning has the capability to speed up the process of initial risk identification and classification, which enables security teams to better manage their incident response function and take preventative actions even before security threats manifest.

3. More falling victim to social engineering

Social engineering has held the top spot as the most prolific attack technique in recent years. Following the success of targeted phishing and Business Email Compromise (BEC), and the astonishing ROI for hackers, we can expect yet more convincing attacks on employees in 2017. Personally Identifiable Information (PII) leaked through high-profile data breaches such as LinkedIn and Yahoo, could potentially be discovered and leveraged by hackers for more personalised social engineering.

4. Fiercer penalties for data breaches

In a world where new vulnerabilities are unveiled every day, it is no surprise that the EU is set to impose strict data breach regulations to protect individuals. Ahead of the GDPR regulation coming into force in May 2018, enterprises will face ever more severe penalties if data is leaked and not secured appropriately. The majority of businesses will not be ready for the new legislation regarding data breach disclosures and will likely face fines and legal action. Consequently, we will see increased demand for cyber insurance as a means to decrease risks.

5. Growing suspicion of government-led cyber-attacks

Cyber espionage tops the list of areas to watch in 2017. The US presidential race has brought the threat of electoral hacking – and the possibility of a cyber war – into public dialogue. Suspicions will grow as governments continue to use cyber skills to infiltrate other governments and perform attacks on critical infrastructure. As a result, we can expect governments in the UK and the US to increase security budgets to tackle the growing cyber threat.
While businesses do not have a crystal ball, an awareness of these trends can help them to prepare for the new wave of security threats. Today, it’s less about ‘if’ there will be a breach, and more about when a business will discover they have been hacked. Therefore, a security-aware culture is essential. Only by understanding the potential risks, can companies create an effective prevention strategy and minimise the damage of a cyber-attack in 2017 and beyond.
[text-blocks id=”3610″]