We examined the items looking for 17 companies and awarded the 130 forecasts resulting in a number of emerging categories to produce the graph below.
Blue Coat security forecast, Damballa, FireEye, Fortinet, Forrester, Gartner IDC, ImmuniWeb, Kaspersky Lab, Lancope, McAfee, Neohapsis, Sophos, Symantec, Trend Micro and Websense Varonis Systems. Image: Charles McLellan / ZDNet
In the list, include “new vectors and platforms of attack” and “the evolution of existing cybersecurity solutions,” two categories that illustrate the reality of the arms race in cybersecurity.
In the first category, a number of commentators have pointed out the “new bugs in older code widely used” (Kaspersky Lab), such as Heartbleed / OpenSSL Shellshock / Bash. Sophos noted exploitable vulnerabilities in IPv6, as well as robot and rootkit capabilities in the boot UEFI enriched environment that can generate new attack vectors. Apple was the main reported new platform, for example by FireEye, who notes that “Because Apple is increasingly present in companies, designers of malware will adjust their toolset.” The recent record sales figures will only widen appetite hackers for Apple products.
“solutions and automated security tools will not be effective”
A wide range of forecasts entered the number two category (“Evolution of existing cybersecurity solutions”), including the affirmation of ImmuniWeb that “solutions and automated security tools will be most effective” when used in a manner Independent or without human intervention. Fortinet think hackers will seek increasingly to escape the sandbox processing techniques (sandbox) and distract investigators “by injecting more diversions in their attacks to thwart investigators and by deliberately sowing evidence that designate a hacker with no connection with them. ”
Meanwhile, the analyst firm IDC states that” By 2017, 90% of a company’s endpoints use a form of physical protection to ensure the maintenance of their integrity “and that” by 2018, 25% of security applications that were previously purchased independently be incorporated directly into enterprise applications. ”
The issue of the Internet of Things
Several forecasting categories relate to specific and new vectors of attack platforms, including the Internet of Things (in which we include all what will the ready-to-wear technology to critical infrastructure components), mobile technologies, individuals and social networks, big data and analytical processing, cloud computing services, payment systems and terminals retail POS, web technologies, open source software, malicious advertisements and attacks by third parties. This shows that the palette of opportunities for hackers continue to expand as the world becomes ever more connected to the internet. Recently, for example, has discovered a vulnerability that allows to hack a drone via a backdoor in its control software based on Linux.
about the Internet of Things (ranked in 3rd position in chart), Websense stresses that “Your refrigerator is not a security threat. By cons, industrial sensors are.” In other words, cyber criminals are more likely to target the communications between machines in automated industries such as power generation or extraction of gas and oil to try to “melt butter or turn milk” in your smart refrigerator. This view is shared by Sophos, who notes that “The difference between ICS / SCADA and real security is increasing.” At the other end of the scale of the Internet of Things, Forrester states that “A breach of security of medical data due to the ready-to-wear technology will encourage the US Federal Trade Commission to take action” in 2015; companies seeking to establish wellness programs for their employees based on the ready-to-wear technology must remember this.
Many commentators point out that the mobile platforms (ranked in 4th position) will become more and more attractive to hackers and cybercriminals, particularly at a time when mobile payment systems like Pay Apple gaining popularity. Websense also believes that hackers will target mobile devices, “not just to crack the code of the phone and steal data on the unit itself, but as a vehicle to data resources for which the apparatus can more freely access the cloud. ”
Attractiveness to social networks
Hackers also are increasingly interested individuals and social networks (classified in 9th position), especially for designing targeted attacks such as Blue Coat observes: “The attack tools exploit more and more information from social networks to better personalize the attacks Most of the attacks have targeted a social context, which increases efficiency and is easier. to do today. Attackers will exploit their knowledge of targeted victims to gain access to data and critical systems. ”
Regarding the big data and analytical processing (classified 13th position), Varonis Systems warns against the rise of attacks “salami”, “Even when they are encrypted or anonymised, the extensive data collected on individuals via social networks, credit card transactions , security cameras and fingerprints are increasingly blended into a frighteningly full view. This threatens not only individuals, but also government agencies, enterprises and their trading partners. […] In 2015, a major initiative of big data somewhere in the world will be defeated by a salami-type attack. “Always about big data, Symantec provides for his part that” Automatic learning change the situation in the fight against cybercrime. ”
The challenge of cloud computing
cloud services (ranked 14th place) are another battleground for the cyber security, where Varonis Systems judge that “The IaaS cloud providers and will highlight their effectiveness in managing and protecting data while providing their customers with features that enhance productivity. […] Failure to provide the same levels of access control, data protection and improved productivity that companies are used within their datacenters, cloud providers will be limited to . service niches that exclude “most vital data” their customers “Meanwhile, IDC expects the migration of security software to cloud computing:” Companies use security software as a service (SaaS) a larger share of their security spending. By the end of 2015, 15% of all security will be provided via SaaS or hosted, against over 33% by 2018. ”
Several commentators noted the large number of profile attacks against retail operations (classified in 15th position) in 2014, a trend expected to continue in 2015: “Hackers are targeting sales outlets and vending machines” (Kaspersky Lab) “Regarding the security breaches in the retail sector, 2014 was only the tip of the iceberg “(Damballa). As a result, Forrester states that” Retailers security budgets will record a double-digit growth in 2015 “. Other New attack vectors noted in the 2015 forecasts include open source software and vulnerable parties such as the links in the supply chain or advertisements infected with malware (malicious advertising).
One need not be clairvoyant to predict that the resounding security breaches (ranked in 5th place) will continue to make the headlines: “Cyber security will remain under the spotlight because of major data leak” ( Symantec). However, Websense draws particular attention to the medical data on the grounds that “No other type of record contains as much personally identifiable information that can be used in a multitude of consecutive attacks and different types of fraud.”
Encryption and respect for private life
Encryption and respect for private life (ranked 6th position), much talked about in the news right now, come back regularly the forecasts. According to Blue Coat, encryption is a double-edged sword: “The use of encryption will continue to increase for protecting consumer privacy The malware will hide behind more encryption to evade detection. most companies struggling to keep balance between respect for the privacy of employees and attacks behind encryption. ” Sophos returned meanwhile on the political angle: “Problems of security and respect for privacy are the subject of a growing awareness following the revelations of espionage practiced by intelligence agencies and breaches data security that make the headlines; accordingly, encryption eventually becomes inescapable Some organizations, such as the intelligence agencies and the agencies responsible for law enforcement, deplore, thinking this. affect security negatively. ”
Several forecasts converge around the regulations, compliance and cyberassurance (classified in 7th position). About the laws relating to the notification of security breaches, Varonis Systems highlights a gap between the two sides of the Atlantic: “The data will be more secure in the EU [through regulation proposal on the protection of Data], but what will happen in the US? “. This underlies the forecast Neohapsis that “an American company will be involved in a significant breach of EU data.” The prospect of “trial and fines of several million dollars” following security breaches affecting customers led Forrester predict that “100 million cyberassurance fonts will become the norm,” feeling that FireEye sharing.
“Fewer companies will manage their own security operations center”
The evolution of corporate security policies (ranked in 8th position) concerned several commentators. FireEye think “Fewer companies will manage their own security operations center” and that companies must “Skip a peaceful mentality to an offensive mentality,” while the profile of growing cybersecurity leads IDC predicting that “By 2018, 75% of security managers and those responsible for computer security (RSSI) will be attached directly to the CEO, not the CIO.”
Information on the attacks “stealth” advanced and prevention (ranked 10th place) are naturally identified by FireEye and Damballa, two companies specializing in solutions in this area. FireEye think companies “stop paying for antivirus software” and “will transfer these expenses to advanced techniques for detection, response and research evidence.” For its part, Damballa recalls that companies have invested in “the detection and response to threats” in the second half of 2014 and expects this trend to continue in 2015.
Attacks sponsored State and politically motivated
attacks sponsored by States and politically motivated (ranked in 11th place) are mentioned by many commentators: “New players enter the game cyberwar” (Websense) “The rise of spy software” (Blue Coat) “The attacks of cyber espionage continue to increase in frequency” (McAfee) “Attackers target politically motivated private citizens” (Neohapsis). Websense noted that cyber warfare and terrorism are increasingly carried out by “” cells “loosely affiliated […] independent of the causes of nation states, but nevertheless support.”
The ransom programs (classified in 12th position), by which money is extorted in exchange for the lifting of some restrictions (such as data encryption) on an infected system, expected to increase in scope and frequency, “The ransom software will aim higher and cost more “(Blue Coat) “The expansion of ransom software” (Lancope); “Authors of scams will continue to use cost-effective software ransom” (Symantec); “The ransom software will evolve their propagation methods and encryption, as well as their targets” (McAfee).
The remaining categories of related forecasting biometrics and multi-factor authentication, and cybercrime cyber skills, the latter having been surprisingly mentioned only once by Sophos (“The gap in global skills continues to increase, while education and incident response remain a key priority” ).
Annual Reports and studies
Moult studies, white papers and annual reports on topics related to cyber security have been published. We can all talk about, but here’s a short list for further reading if you want to dig the subject
One thing is certain with cybersecurity. It longer enough for companies to simply protect the perimeter network with a firewall and install antivirus software on the endpoints. The security officials and RSSI must constantly monitor the changing context of threats and replace the mentality of “if we get hack” by “when we will hack.”
Strategies regarding corporate social networking, mobility, big data, cloud computing and other digital transformation inevitably expose them to new types of cyber attacks, which have constantly to test the current set of cybersecurity tools namely: firewall, antivirus, VPN, security systems and intrusion detection, advanced defenses against threats, etc. If these solutions are not up to the task, it will invest in new defenses, competent staff to run them and fonts cyber insurance in case such measures would fail.
At the least, the media coverage of growing cybersecurity should give security officials and RSSI many ammunition to argue their case before the board