NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

2017 predictions: Looking forward to a new year in cyber security

October 20, 2017

  • Blog
  • Archive

As another busy year in cyber security draws to an end, our team shares their thoughts on the trends and issues we should keep an eye out for in 2017. How can we stay protected against the latest threats? I asked our experts for their views and we’d be interested to hear your predictions too...

Going back to basics

Andrew Avanessian, Vice President, Avecto:

aa-220x220

2017 is likely to see an increase in attacks on digital and mobile payment systems. With so many more payment systems moving to mobile and using near field communication (NFC) and radio frequency identification (RFID), such as Apple Pay and Android Pay, it’s only a matter of time until we see these become bigger and more lucrative targets. I’d expect to see researchers and the security community look to get under the hood of these systems and identify major flaws over the coming weeks and months.

One of the common themes from 2016 has been the number of organisations revealing breaches that could have been prevented by common sense security solutions. A lack of attention and investment in basic security foundations has taken its toll over the past 12 months and unfortunately, I expect that will continue going into 2017 as best practice advice to start with prevention rather then detection is often ignored.

I also believe we’ll see cyber criminals continue and expand their use of social engineering as the weapon of choice for data theft. We all know users are the weakest link in the security chain and that won’t change in 2017. Users must be better educated about the risks if we are to prevent attacks.

Ransomware will reign

James Maude, Senior Security Engineer, Avecto:

james-maude

In 2017, attackers will continue to shift from targeting the confidentiality of data to the availability of data. The result will be more ransomware, and less “low and slow” data breaches. Ransomware will further diversify in 2017, we are already seeing attackers moving beyond the desktop and starting to exploit vulnerable websites and blogs. I expect to see ransomware going after high value enterprise targets such as databases and backup systems. We may also see IOT devices being used to disrupt and hold businesses to ransom, if an attacker can take control of your lights, heating or access controls then they could easily use this against an organisation.

I too think we will see attacks that focus less on sophisticated vulnerabilities and more on manipulating users with social engineering. As many still rely on detection, an attack doesn’t need to be advanced, it just needs to be unique enough not to be detected. Email will continue to be the primary target for phishing attacks however we can expect to see a broader range of phishing campaigns using messaging apps, social media and users personal email to bypass corporate filters.

Organisations will also be under increasing pressure to address the issues of cyber threat as the European GDPR, coming into effect in early 2018, can fine organisations up to 4% of their global turnover in the event of a breach. Increasingly there is a push among regulators to classify ransomware incidents as a breach which will concern many who have been hit on multiple occasions. It will be very important in 2017 to lay the groundwork to ensure financial security in the future.

Awakening security giants

Brian Hanrahan, Product Manager, Avecto:

brian-hanrahan-thumb

In 2017, established security vendors will threaten the traction of upstarts through a renewed innovative vigor and in response to the need for full-lifecycle security platforms. Single-play vendors in detection and response will lose their appeal when asked to prove they solve more than a part of the security problem space.

I also believe we’ll witness a refocus on the human element of security. As organizations shift to more effective strategies to defeat malware, attackers will shift to approaches that use legitimate credentials and software. Defenders will begin to appreciate that user behavior anomalies are the most effective way to differentiate malware and insider threats from acceptable use.

Finally, container isolation of applications as seen in Android, IOS, Windows Universal apps will begin to see wider recognition for its security benefits. We’ll see an accelerating migration of corporate applications from riskier legacy application architecture to container-hosted apps. I think we can expect to see Microsoft show prototypes of Android applications running on Windows within a year.

---

So, you’ve heard from our experts but what are your thoughts? What are you expecting to see in 2017? Send us your thoughts on Twitter or LinkedIn. We’ll also be exhibiting at several events in 2017, including RSA in San Francisco.

Laura Butler,

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.