2017 to 2018 has been a turning point for information security. Public awareness of malware and cyber security is at an alltime high (thanks in part to the outbreak of WannaCry and NotPetya) and those with nefarious intent and the necessary skills required, appear to be making even more brazen attempts on both our organisational and personal online lives.
This year alone we have seen incredible, and sometimes implausible, headline grabbing news coming out of the security sector; the largest Denial of Service (DoS) attack, the fundamental vulnerabilities discovered in computer chips (Spectre and Meltdown for Intel and the latest discoveries within AMD), the claims of United States election meddling, the increasing ‘Advanced Persistent Threat’ (APT) attacks on Industrial Control Systems (ICS) and Critical National Infrastructure (CNI), and the exponential rise of a new trend “Cryptocurrency Mining” (CryptoJacking).
In this report, we take what has occurred over the last financial year (2017/18) and offer predictions for what we believe organisations should be considering as part of their ongoing (and ever increasing) security operations. Normally these type of ‘predictions’ are released in January, but with the way organisations work, we wouldn’t want you to lie awake at night from January to March fretting over the contents of this report, knowing you could do little about it until your budget agreement, or renewal, come April 2018!
This report will give you informed guidance on where to invest in new technologies, whether you require assistance from external bodies and where to strengthen your existing defence. We would caution that these predictions should not be used as the only means of building your awareness and fortifications. We shall no doubt see some unexpected, leftfield trends emerge as we progress through the year and we advise everyone be cognisant of potential unknown threats yet to emerge.
Please utilise this report as a source of knowledge and advice but also note, as with all forecasts, they are not a 100% guarantee. As Daniel McCracken of the IEEE once said, “Don’t make predictions about computing that can be checked in your lifetime.” We ourselves will be coming back to this report at the tail-end of 2018 to see how accurate (or foolish) we were with some of our calls! We have tried to note sources wherever possible but if you are reading this and feel that it is not representative of work, articles or research you recognise, or have developed, and feel it is not correctly referenced, let us know.
To download our paper please click the link below: