Over the past few weeks, dozens of people have reached out to me with their cybersecurity predictions for 2018. Some prophecies are fairly obvious (ransomware will continue in 2018) while at the other extreme, some people are pushing doomsday forecasts aimed at garnering press hits (e.g., the US will suffer a cyber-attack in 2018 that knocks out the power grid for a substantial amount of time).
Here are a few predictions that fall between these extremes. I believe 2018 will feature:
- Cloud computing chaos (aka C-cubed). You’ve probably heard the old adage that change is the enemy of security. This axiom really sums up the issue with cloud computing security. Organizations are moving full speed ahead with cloud computing, deploying cloud-based technologies like VMs, containers, micro-services, and serverless applications across AWS, Azure, Google, IBM, and Oracle cloud platforms. Unfortunately, this is happening at an increasing pace that security teams simply can’t keep up with – especially considering the global cybersecurity skills shortage. According to a recently published ESG/ISSA research report, 29% of organizations have an acute shortage of cloud security skills. Because of these issues, ESG’s cloud security guru Doug Cahill tells me that organizations are not setting up the right security policies, processes, or controls for the cloud. This will inevitably lead to lots of easily-exploitable vulnerabilities, data breaches, and regulatory compliance violations. To alleviate this risk, CISOs will have to up their game in 2018, work in lock-step with cloud developers and DevOps groups, surround cloud with the right policies, develop collaborative processes, and build a cloud security controls architecture.
- The rise of high-end security services. As cybersecurity grows increasingly complex, more and more CISOs I speak with are throwing in the towel and outsourcing various security tasks to MSSPs and SaaS providers. In the past, managed security services tended to be pedestrian in nature and this will continue, but look for new high-end/high-skills services designed for more sophisticated enterprise organizations. Some of these services are available today from vendors like Binary Defense, BitSight, Cisco, CrowdStrike, Digital Shadows, FireEye, Forcepoint, Spirent, Symantec, ThetaPoint, and others, but I expect a growing wave in 2018. What types of services? EDR, managed threat hunting, malware analysis, continuous penetration testing, threat intelligence analysis, etc. According to ESG research, 56% of organizations are implementing, planning, or interested in security as a service, so this could be a lucrative market.
- Security technology integration. In 2017, 21% of enterprise organizations said that integrating security technologies into a common architecture was one of their highest priorities, and this will only pick up steam in 2018. In fact, I believe that security operations and analytics platform architecture (SOAPA) will be a major enterprise theme throughout the year. A lot of this integration will center around single vendors and their product platforms/suites. This will cause large vendors like Cisco, IBM, McAfee, Splunk, Symantec, etc. to fill product portfolio holes, making 2018 a stellar year for M&A. Aside from these proprietary efforts, I believe that multi-vendor SOAPA efforts will also gain momentum. Look for a lot of action around data standards (CIM, JSON) and open source software like Apache Kafka.