With 2016 bringing political polarization into cybersecurity, we take a look into the top global cybersecurity threats in 2017
Now that we have moved into 2017, we can truly dub 2016 as the year that cybersecurity went mainstream, as it polarized American politics on both sides of the aisle. As a matter of fact, cybersecurity is such a priority issue that the President Elect’s top counter-terrorism advisor is a specialist in the industry. Despite all that, the cybersecurity threats in 2017 are still very tangible, and we all need to play our part in raising awareness.
The Real Cybersecurity Threats To Look Out For
With cybersecurity threats growing unabated, security leaders are under pressure to drive greater visibility in all facets of their security footprint and demonstrate ROI from continued growth of security investments. That is what cybersecurity strategies are all about: risk management and loss prevention. With a well thought out cybersecurity management plan, the cyber threats listed below can be thoroughly mitigated and resource allocation can be better assessed.
The corporate cybersecurity world is already one of, if not the most, difficult places to navigate and appropriately protect from outside forces. Having said that, 2017 is primed to be a year of what some may call the “incentivized insider threat.” In other words, organizations are so fixated on protecting their data from potential outside threats, that they are not employing any resources towards protecting it from the inside. It was recently shown that nearly 5,500 bank employees of a large bank used personal info in order to generate fake accounts and generate money for said accounts. There are no doubt threats from within should be taken into consideration as a cybersecurity threat nearly as much as from outside.
Ransomware and Extortion
Ransomware is exactly how it sounds. It is malicious software that basically holds your files at ransom. It waits until you submit a payment for x amount of money before allowing you access to your system again. It caught a real wind in 2016, seeing nearly half of all businesses being held captive by the invasive software. In the first quarter of 2016 alone, $209 million was paid to ransomware perpetrators. The ransomware trend shows most throughout the past year, where we saw a 600% increase in variants of ransomware throughout the calendar year. Considering that ransomware is about to become a billion-dollar business venture, effectively managing the risk now will show to be a great ROI for companies worldwide, as they will not be another statistic within that billion dollar figure. Ransomware has the potential to cost small and medium companies a minimum of $75 billion annually when all is said and done in expenses and lost productivity. Using the numbers we have as an indicator, there is no reason ransomware should not be seen as one of the top cybersecurity threats in 2017.
IoT hacks have not been taken too seriously up until this point, but they ought to be. The IoT world provides substantial chances for the opportunists to hack our devices in public places. Although added connectivity is convenient on a consumer level, the same goes for people with ill intentions. AT&T, for instance, conducted a study finding that of the 85% of enterprises planning to release IoT devices, only 10% feel any sense of confidence in their ability to protect them from potential hacking threats. In extreme cases, experienced hackers could even utilize IoT devices into drastically fatal consequences, like shutting off an entire power grid. By inheriting more skillful risk management systems to grow alongside this young technology, the potential damage IoT attacks can cause can be greatly mitigated. Nonetheless, with more products coming out like the Amazon Echo and Google Home, 2017 is sure to be an opportune time for IoT attacks to take place by the droves.
Like we said earlier, the 2016 American elections really set a precedent for cybersecurity that we have not seen before, at least not within the political realm. The basic premise of cyber espionage is gaining access to confidential information vis a vis computer networks. The DNC’s hack and subsequent email releases onto WikiLeaks is a prime example and has really shined a light onto cybersecurity as a US presidential platform. Considering that over 2 billion records were stolen over the course of 2016, we should not anticipate any sort of slowdown whatsoever throughout 2017. It can and should remain a top priority for everybody concerning themselves with cybersecurity.
Electronic Medical Records (EMRs)
With more or less every industry laced with excessive filing, the medical industry is progressively moving towards digitizing their patient records. It is such a prioritized portion of the medical field now that bills are being passed to make it easier to share medical records electronically. While efficient from a practical and environmental standpoint, electronic medical records present new elements of cyber vulnerability. In fact, more than half of hospitals said they had been hit by ransomware attacks in the past year. Furthermore, industry experts have said that the medical devices are extremely vulnerable, with little to no security to protect from harmful attacks. EMRs will likely see a drastic overhaul in the coming year within the cybersecurity world. By effectively budgeting a risk management plan, hospitals like the Kansas Heart Hospital could have avoided paying off several ransomware demands. Hospitals should be wary of this come 2017.
Security Manpower Shortage Reaches Epic Proportions
While not an external threat per se, the shortage of qualified cybersecurity professionals will plague many organizations, adding risk and vulnerability. With that considered, it is no wonder that cybersecurity job postings grew 74%from 2009 to 2013. Alongside that is what some may consider an enticing growth in the average salary of cybersecurity professionals. The numbers show that cybersecurity professionals earn nearly 3 times more than the national average. With the basic concept of supply and demand running its course, Security Leaders will be strained, personnel-wise and financially, to meet the demands of their organization and forced to rethink their security infrastructure.
Simply put, things are not about to get easier in 2017 with regards to cybersecurity threats. Some challenges of old will go to the wayside. Newer, more advanced issues will come to the forefront. With the anticipation of some of the most potential vulnerabilities in cyberspace, like EMRs, ransomware, IoT attacks, and cyber espionage, you can best prepare your own and your company’s information to be protected on all fronts going into the new year. Budgeting cybersecurity in this year’s books can end up being the biggest ROI you will see.