Predicting the future of cybersecurity is a big deal in the security world. Every year, experts will put out their predictions of the biggest cybersecurity threats for the coming year. Sometimes, they actually get it right.
The folks at the Information Security Forum (ISF) have gone a little longer range in their predictions, with their Threat Horizon 2018 (yes, you read the year correctly). The report contains three themes that we should be preparing for: Technology adoption dramatically expands the threat landscape; the ability to protect is progressively compromised; and governments become increasingly interventionist. In a formal release, Steve Durbin, managing director of the ISF, stated:
We predict that many organizations will struggle to survive as the pace of change deepens. Therefore, at least until a conscious decision is taken to the contrary, these three themes should appear on the radar of every organization, regardless of size.
I asked Durbin what he thought was the most important takeaway from the report – where did he think the primary security threats will be focused by 2018. This is what he told me in an email response:
The two main pullouts from Threat Horizon 2018 for me are IoT and Regulation. IoT is significant because we’re increasingly seeing more and more such devices impacting our daily, not just corporate, lives and yet many devices do not have security designed into them. They are consumer devices or intelligent consumer goods yet all have the ability to suck in information and share it at an exponential rate, making the job of securing our data all the more challenging.
The regulation findings are important because we’re seeing such an increase in compliance requirements and these, coupled with new legislation such as the Privacy Shield, the EU GDPR and more localized laws, are going to have a very real impact on the manner in which organizations have to manage their mission critical information assets.
The Threat Horizon doesn’t sound positive. After all, the opening of the report warns that organizations are losing their way when it comes to security, struggling with:
… a maze of uncertainty, as they grapple with complex technology, proliferation of data, increased regulation, and a debilitating skills shortage.
The positive takeaway? This is a prediction of what the future of the threat landscape could – and probably will – look like. It means that companies can address today’s security problems with an eye to the future and begin putting together a proactive approach, rather than waiting to react.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba