My 2016 Cyber Security Predictions

2016 is already here and we have it all in front of ourselves. What should we be expecting? In my crystal ball I believe that 2016 will be as turbulent and perhaps as controversial as 2015.

Let’s look at this from a macro view: the Russian economy and those of north Asia such as Korea are clearly worsening, while at the same time we have a global shortage of Cyber Security staff and, for most of the western world, a slowing economy. This leaves us with certainty that there will be greater challenges and increased risk during 2016.

Where will these new risks manifest?

Financial Services Integrity Attacks

An Integrity attack is a specific attack where financial transactions are modified to debit my account and credit the hacker. This usually occurs with the assistance of an ‘insider’. Combating this requires clear visibility around changes to data and the people, process & technology that manage this capability.

However, there is another dimension, and this one is actually more frightening. This is the threat of ransom, where a hacker has made changes to regulatory reporting data or ‘material’ financial reporting systems.

Both instances create significant business integrity risk.

Smart but not Secure Things

We are seeing more things being attached to networks, or at least interacting with the network. The Network Manager no longer has the full ability to control, at a granular level, who accesses the environment.

There are wireless connected printers, speakers, sensors etc. Today I saw what was called a Smart Suitcase that allowed you to personally track the luggage. This particular suitcase even had what was called an electronic lock. I noted, however, that there was no mention of ‘security’ measures.

For the hackers, these new Smart devices provide new attack vectors that are usually not hardened and thus make it easier to initiate a breach.

Attack Remote and Contracted Workforce

There is a megatrend for enterprises to reduce cost and transform their organisation by switching to Digital. This often results in fewer staff and more contractors with remote access. These end point devices are often BYOD and not locked-down corporate computers.

In a similar vein, every enterprise is embracing the use of 3rd party developers, cloud hosting, supply chain partners and other partners.

Thus, I expect hackers to target these remote contractors, employees and partners in 2016.

Cyber Security Startups

There will be more investment attracted to this space despite what others are saying on this topic. The increased focus on digital means that cyber security has a greater strategic importance for enterprises wanting to win.

Taking another view on this topic, there is also a greater focus on cyber warfare between nation states. Unfortunately, like the traditional economics tradeoff of ‘guns vs butter’, this will morph into ‘guns + cyber security vs butter’.

Startups and the larger players will equally benefit from this.

2016 will be a massive year for new cyber startups.

Social Payments Innovation

There is mobile payments innovation evident all around the world, from the USA to China. We are seeing people now paying using Facebook, Twitter, WeChat and just about any of your suite of social media tools.

Both individuals and enterprises will experience clever social engineering attacks. This has to be expected as we see payments being made in these new domains. I would expect 2016 to see a major payments security issue that emanates from such social media channels.

Collaborate and share more intel

One positive to counterbalance these new risks is greater collaboration and sharing between parties. It is becoming increasingly recognised that sharing intel is a ‘necessary’ and required ‘evil’. A recent example is the US Congress bill, which was specifically designed to increase the sharing of security threat information between the US government and domestic companies.

The expected outcome is intended to protect the personal data of US citizens. Perhaps there is a price to pay around personal privacy to achieve this objective.

Wordcount = 666

Sorry, but I couldn’t help but notice this number at the base of my page, so I had to end on a more auspicious note.

2016 is the Year of the Monkey in the Chinese calendar.

Let’s be smart and clever little monkeys in 2016.

