My Security Crystal Ball

2014 has ended and 2015 is just warming up. We had a year full of big news on security threats and breaches, and I collected some industry predictions for 2015 and added my own abbreviated commentary. At the end you can find my own predictions for security in 2015.


Julianne Pepitone on CNBC predicts:

  • Attacks sneaking into the enterprise via innocent looking emails (definitely the easiest path in)

  • Ransomware will extend into the cloud and your phone (cloud is not an easy target)

  • Point of sale will stay a high-profile target for attackers (and I would extend that into 2016)

  • Going after wealthy individuals (surprising but definitely the next logical step)

  • Militarization of cyber attacks (didn’t that already happen?)


Pat Peterson on Inc

  • Attacking healthcare organizations (lots of private info at risk)

  • Credit fraud (lots of money at stake)

  • Attacks via email again

  • Fraud in frequent flyer and other reward points programs (another form of money though can be quite difficult to liquidate when large amounts of points are stolen)


Sophos forecasts

  • Exploits will vanish from Microsoft Windows since MS is investing a lot in it (I don’t believe this, since the complexity of Windows is just growing and as such vulnerabilities will stay)

  • IoT attacks become mainstream (attacks will definitely grow as IoT adoption grows)

  • Common software has vulnerabilities which are yet to be discovered (agree!!)

  • Mobile attacks will grow (makes sense, though I think the point here is that mobile has become a business tool and as such presents a higher risk)

  • Encryption as a standard (about time)

  • Industrial control systems are an easy target due to the gap in technology (I also foresee many, many news headlines here)

  • The changing technological landscape will uncover old and new vulnerabilities


Steve Weisman on USA Today

  • Healthcare attacks again

  • Nations attacking enterprises again (I have written about it)

  • Attacks via email again

  • More attacks on cloud (makes a lot of sense since it is becoming a holder of more important data)

  • Attacks against vulnerabilities in common software. Again.

  • Personal financial transactions as a target (interesting)

  • Point of sale again


Symantec predictions

  • IoT again

  • Mobile devices again

  • Machine learning will play a key role in defense (it already does but definitely will grow)

Mark Painter on HP Blog

  • Exploits of software will continue to amaze us

  • Cybercrime will grow into a full-blown underground industry

  • Attacks becoming personal (which is a nice angle to package attacks on mobile, medical records and personal cloud data)

  • Healthcare again

  • Open source exploits will flourish (agree, although opinions on the security level of open source are diverse)

  • Industry maturity including government intervention and security operations (it will take time until those become effective)

So basically the experts say that what happened in 2014 will continue in 2015, grow bigger, and expand into more areas. And I agree.


My Predictions:

  • We will witness some new amazing security startups with game-changing technologies. I am aware of quite a few which are still in the garage but are building strong weapons against attackers. It will also be the year when adoption of security innovation will skyrocket.

  • We will hear more and more about polymorphic defense, and don’t forget where you heard that first :)

  • Attacks will become less persistent and more invisible within memory, getting in and out with no traces at all.

  • We will see new approaches for attack attribution

  • Customers will be smarter in terms of what they need and don’t need in order to defend themselves.


Let’s see…
