In 2017, our clients, in many ways, have been lucky not to have gone the way of Equifax, the SEC and most recently Uber. Despite their good fortune, Matrix Integration’s clients continue to take proactive steps toward decreasing their cybersecurity risk. No matter what stage companies are in, strengthening their cybersecurity posture in 2018 will be a critical component to their strategy, therefore we will see a continued focus and spend on cybersecurity solutions to eliminate risk.

  1. Resources (people and money) for preventative and proactive measures will continue to shift from the network perimeter to within the network. Network Access Control (NAC), network segmentation, and Security Information and Event Management (SIEM) products and/or services will be the top three solutions for most organizations.
  2. Cloud security will become even more important as workloads transition to the cloud, whether public, private, or hybrid. The challenge will continue to be defining the security responsibilities of the cloud provider versus the organization. A September blog post from BeyondTrust highlights these challenges and suggests a sound approach to cloud security.
  3. Companies will begin to shift their cybersecurity strategy from “prevent and protect” to “detect and recover”. There is a risk of moving too far away from “prevent and protect” which, in turn, will make “detect and respond” exponentially more difficult. The best strategy is a well-designed combination of the two approaches.
  4. Ransomware will be significantly worse. Variations of WannaCry and NotPetya along with Ransomware as a Service (RaaS) will result in at least a doubling of the number of ransomware incidents from 2017. The cost of ransomware damages globally will likely exceed $5 billion in 2017 and will be substantially higher in 2018. There were approximately 4 million ransomware attacks in 2015, 638 million in 2016, and the estimate for 2017 is a 250% increase. The number for 2018 will be well over 2 billion attacks. Organizations should focus on prevention methods like security awareness training, detection methods like managed security services, and recovery. Recovery may be the most important and relies heavy on the ability to fully eradicate the ransomware and a sound data back-up strategy.
  5. Security awareness training of staff and contractors will become increasingly important as hackers turn away from direct attacks on network infrastructure and web applications and target the end-users with sophisticated “phishing” techniques.
  6. Significant attacks on IoT and personal assistant/artificial intelligence will increase dramatically.
  7. The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) will continue to gain widespread acceptance and adoption because it is designed to complement, not replace, an institution’s risk management process and cybersecurity programs.
  8. More PCI compliance audits for credit card transactions, as the PCI DSS compliance requirements become even more stringent.
  9. Additional high-profile breaches as large organizations continue to fail at the fundamentals of cybersecurity.
  10. Large healthcare organizations will continue to struggle to balance patient care, the needs of physicians and other medical personnel to quickly access critical information, and patient privacy with cybersecurity fundamentals.