Cyber Sec in 2017
Posted: Sun Jan 15, 2017 7:27 pm
Summarizing this Article: http://www.govtech.com/blogs/lohrmann-o ... -2017.html
1) Symantec
Cloud Generation dynamics define the future of the enterprise
- The enterprise network will expand and become increasingly undefined and diffuse.
- Ransomware will attack the cloud.
- AI/machine learning will require sophisticated big data capabilities.
Cybercrime becomes mainstream
- Rogue nation states will finance themselves by stealing money.
- Fileless malware will increase.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS
- Drones will be used for espionage and explosive attacks.
IoT comes to enterprise business
- The proliferation of the Cloud Generation.
- IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks.
2) Trend Micro
-“Adobe and Apple will outpace Microsoft in terms of platform vulnerability discoveries.
-call out increasing “cyberpropaganda” as the use of tools and methods to influence elections and public opinion.
3) McAfee
- “Dronejacking” places threats in the sky
- IoT malware opens a backdoor into the home
- Machine learning accelerates social engineering attacks
- The explosion in fake ads and purchased “likes” erodes trust
- Hacktivists expose privacy issues
- Threat intelligence sharing makes great strides
4) Forcepoint
- Rise of the Corporate Incentivized Insider Threat
- Voice-first Platforms & Command Sharing — The rise of voice-activated AI to access Web, data and apps will open up creative new attack vectors and data privacy concerns.
5) FireEye
-Security integration and orchestration should be considered the benchmarks of new technology investment.
-Religious institutions in Western countries are at the top of the list because they typically lack a robust security program yet maintain contact information and other sensitive data.
6) Kaspersky
-The commodification of attacks along the lines of the 2016 SWIFT heists — with specialized resources being offered for sale in underground forums or through as-a-service schemes, will continue in 2017.
7) Palo Alto Networks
Their items are divided into “sure things” and “longshots".
-A few ‘sure things’ include: “Recruiters Search for Cyber Talent Outside of Security”
-Longshots include: “Companies acquire other organizations to inherit talent.”
8) Watchguard Technologies
-First on their Watchguard list is Ransomworm
-IaaS as an attack platform and surface and new steps in a global cyberwar leading to a civilian casualty.
9) Imperva
- Botnet of Things
- Ghosts from the past
- Cyber Fatigue
10) Beyond Trust
-“The first nation state cyber-attack will be conducted and acknowledged as an act of war.
-“Behavioral technologies, such as pressure, typing speed and fingerprints, will be embedded into newly-released technologies.”
11) Checkpoint
“An attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses. While generally disruptive, it would be used as a means to impact a specific competitor or organization, who would be one of many affected, making it difficult to determine motive. There will also be a rise in ransomware attacks impacting cloud-based data centers.”
12) Forrester
“Security And Skills Will Temper Growth Of IoT.” (Note that both Gartner and Forrester are using these predictions as lures to buy their more in-depth prediction analysis.)
13) Gartner
- The first significant finding in the report is that, “Mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism.
- Now is the time to start your Mobile Threat Defense (MTD) initiative.
- No EMM? Mobile Threat Defense protects employees and eliminates privacy concerns.
14) White Hat Security
- Nothing will change. “Attackers will continue to discover and exploit zero-days. Companies large and small will continue to lose data and money to the usual attacks, often because they didn’t take basic security precautions.
15) Sophos
- “Destructive DDoS IOT attacks will rise.”
- "As encryption becomes ubiquitous, it has become much harder for security products to inspect traffic, making it easier for criminals to sneak through undetected..."
16) IDC
-IDC leads with: ‘2017 will be worse in every aspect of information security’
-This report, which was focused on Africa, also predicts more consolidating and outsourcing of security
17) IBM
Internet will go down for a day. Also on the list – Tripwire’s prediction that 2017 will bring the return of the worm.
1) Symantec
Cloud Generation dynamics define the future of the enterprise
- The enterprise network will expand and become increasingly undefined and diffuse.
- Ransomware will attack the cloud.
- AI/machine learning will require sophisticated big data capabilities.
Cybercrime becomes mainstream
- Rogue nation states will finance themselves by stealing money.
- Fileless malware will increase.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS
- Drones will be used for espionage and explosive attacks.
IoT comes to enterprise business
- The proliferation of the Cloud Generation.
- IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks.
2) Trend Micro
-“Adobe and Apple will outpace Microsoft in terms of platform vulnerability discoveries.
-call out increasing “cyberpropaganda” as the use of tools and methods to influence elections and public opinion.
3) McAfee
- “Dronejacking” places threats in the sky
- IoT malware opens a backdoor into the home
- Machine learning accelerates social engineering attacks
- The explosion in fake ads and purchased “likes” erodes trust
- Hacktivists expose privacy issues
- Threat intelligence sharing makes great strides
4) Forcepoint
- Rise of the Corporate Incentivized Insider Threat
- Voice-first Platforms & Command Sharing — The rise of voice-activated AI to access Web, data and apps will open up creative new attack vectors and data privacy concerns.
5) FireEye
-Security integration and orchestration should be considered the benchmarks of new technology investment.
-Religious institutions in Western countries are at the top of the list because they typically lack a robust security program yet maintain contact information and other sensitive data.
6) Kaspersky
-The commodification of attacks along the lines of the 2016 SWIFT heists — with specialized resources being offered for sale in underground forums or through as-a-service schemes, will continue in 2017.
7) Palo Alto Networks
Their items are divided into “sure things” and “longshots".
-A few ‘sure things’ include: “Recruiters Search for Cyber Talent Outside of Security”
-Longshots include: “Companies acquire other organizations to inherit talent.”
8) Watchguard Technologies
-First on their Watchguard list is Ransomworm
-IaaS as an attack platform and surface and new steps in a global cyberwar leading to a civilian casualty.
9) Imperva
- Botnet of Things
- Ghosts from the past
- Cyber Fatigue
10) Beyond Trust
-“The first nation state cyber-attack will be conducted and acknowledged as an act of war.
-“Behavioral technologies, such as pressure, typing speed and fingerprints, will be embedded into newly-released technologies.”
11) Checkpoint
“An attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses. While generally disruptive, it would be used as a means to impact a specific competitor or organization, who would be one of many affected, making it difficult to determine motive. There will also be a rise in ransomware attacks impacting cloud-based data centers.”
12) Forrester
“Security And Skills Will Temper Growth Of IoT.” (Note that both Gartner and Forrester are using these predictions as lures to buy their more in-depth prediction analysis.)
13) Gartner
- The first significant finding in the report is that, “Mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism.
- Now is the time to start your Mobile Threat Defense (MTD) initiative.
- No EMM? Mobile Threat Defense protects employees and eliminates privacy concerns.
14) White Hat Security
- Nothing will change. “Attackers will continue to discover and exploit zero-days. Companies large and small will continue to lose data and money to the usual attacks, often because they didn’t take basic security precautions.
15) Sophos
- “Destructive DDoS IOT attacks will rise.”
- "As encryption becomes ubiquitous, it has become much harder for security products to inspect traffic, making it easier for criminals to sneak through undetected..."
16) IDC
-IDC leads with: ‘2017 will be worse in every aspect of information security’
-This report, which was focused on Africa, also predicts more consolidating and outsourcing of security
17) IBM
Internet will go down for a day. Also on the list – Tripwire’s prediction that 2017 will bring the return of the worm.