There is much uncertainty surrounding the security industry for 2017, and according to experts in the field, a lot of the trepidation is directly connected to what the nation’s next president will do.
Here’s what security vendors and analysts are predicting for the year ahead.
John B Wood, CEO of Telos Corporation, cites a need for cooperation between the government and the private sector. President-elect Donald Trump took a break from his “thank you” tour to smooth over a contentious time between the two sides during his campaign.
“President-elect Trump has been vocal about the need for a stronger and more aggressive cyber security posture, and I’m confident that he’ll work with leading members of Congress. Many non-political cyber experts throughout the government, various agency CISOs and [Federal Chief Information Security Officer] General Touhill will also be great resources to further refine cyber security policies to protect U.S. interests in the face of constantly changing threats,” Wood said.
and security,” Sweet stated. “If this new administration demonstrates in their policies a value for law enforcement and intelligence access over citizens’ privacy, they’ll double or triple down on the government’s right to inspect data. The impact of such a reality would extend to the use of online services, cloud providers, even personal computing devices and IoT.”
What that impact would be is very hard to know, but it’s safe to bet that it won’t be positive, he said. The wars around PGP and personal encryption come to mind (anyone remember the Clipper chip?).
John Bambenek, threat systems manager at Fidelis Cybersecurity, said he never would have predicted last year that we would be talking about the DNC and .
“ will be on the upswing and evolve in new unforeseen ways. It will be more targeted and focus on more valuable targets as we saw with healthcare. And it will continue to attack new, more damaging industries like we recently witnessed with ” he said.
While 2016 found the election under scrutiny because of alleged hacking by foreign powers, 2017 will continue the trend of identity theft and ransomware.
Forrester predicts that within the first 100 days, the new president will face a cybercrisis. The momentum of winning the election gives new presidents the public’s support to follow through on key initiatives of their campaigns. However, the 45th president will lose that momentum coming into office by finding the administration facing a cybersecurity incident.
Forrester suggests that the administration prepare for nation-states and ideologies looking to disrupt and degrade. They believe the U.S. should be on the lookout for China, North Korea and Iran.
“Political ideologies use electronic means to both recruit and spread information. DDoS attacks using IoT devices are becoming a common means of disrupting operations for companies or individuals that threat actors disagree with. A company can become a target not just because of its size or global presence but also because of its political donations or public statements. If you’ve never factored geopolitical concerns into your security risk analysis, you ignore them at your own firm’s peril.”
Civilian “casualties” in the Cyber Cold War
Corey Nachreiner, CTO at WatchGuard Technologies, follows Forrester’s way of thinking. “Whether you know it or not, the cyber cold war has started. Nation-states, including the U.S., Russia, Israel, and China, have all started both offensive and defensive cyber security operations. Nation-states have allegedly launched malware that damaged nuclear centrifuges, stolen intellectual property from private companies, and even breached other governments’ confidential systems. Countries are hacking for espionage, crime investigation, and even to spread propaganda and disinformation.”
Carson Sweet, CTO, CloudPassage
He believes 2017 will be much of the same: Behind the scenes, nation-states have been leveraging undiscovered vulnerabilities in their attacks, suggesting that these countries have been finding, purchasing, and hoarding zero-day flaws in software to power their future cyber campaigns.
“In other words, the nation-state cyber cold war is an arms race to discover and hoard software vulnerabilities—often ones in the private software we all use every day,” he said.