ERP News

Our top 7 cyber security predictions for 2018

749 0
Our top 7 cyber security predictions for 2018

Our top 7 cyber security predictions for 2018

Let’s face it: 2017 was a terrible year for cyber security with more phishing scams, ransomware, state-sponsored attacks, and new attack vectors. Will 2018 be better?

Our top 7 cyber security predictions for 2018

Given what’s happened in 2017 — the Equifax breach, state-sponsored attacks, Russian manipulation of social media, Wannacry, and more phishing scams than we can count — you might not be looking forward to 2018. Breaches will be bigger, hackers will be smarter, and security teams and budgets won’t seem to keep pace.

There is reason to be optimistic, though. Yes, some things will get worse before they get better, but we expect real progress in a few areas. Here’s what we think will happen next year.

1. Many, if not most, U.S. companies will not meet GDPR compliance by deadline

Surveys show that U.S. companies subject to the European Union’s (EU) General Data Protection Regulation (GDPR) are far behind where they need to be to make the May 25 compliance deadline. For some, it might not matter.

Regulators will not audit for GDPR compliance, so companies are vulnerable to fines only if there is a breach or EU citizens file complaints. Even if a company experiences a breach or complaint, regulators will likely treat it leniently if the company can document good-faith efforts to comply.

Organizations that don’t take GDPR seriously and experience an event that triggers an investigation by regulators are at real risk of a heavy fine. That leads us to our next prediction.

2. GDPR regulators will quickly make an example of an organization

There are two schools of thought about whom regulators will target first. Some say they will set a precedent first with an EU company because they are perceived to be less likely to fight a fine. Others believe that regulators will not only go after a U.S. company early, but they have specific companies in mind.

It’s not hard to guess which companies they might be. Google, Apple, Amazon, and Facebook have all had contentious relationships with the European Commission on privacy and antitrust issues. If any of these four show signs of non-compliance with GDPR, EU regulators might well seize the opportunity to make a statement.

Other companies are not likely to be early targets unless an especially egregious event occurs that could have been prevented or minimized had GDPR rules been followed. The safe plan is to make your best effort to be in compliance by May 25.

Our top 7 cyber security predictions for 2018

3. The decline of password-only authentication will accelerate

The Equifax and Anthem breaches were wake-up calls for many consumers, who are now asking questions about the safety of their online accounts. Most still have no idea about password alternatives or enhancements like multi-factor authentication (MFA) or risk-based authentication, but they are more aware that passwords alone no longer are enough. In fact, research done by Bitdefender shows that U.S. citizens are more concerned about stolen identities (79 percent) than email hacking (70 percent) or home break-ins (63 percent).

This is important, because companies often cite a lack of demand for stronger authentication as a reason for not offering it. They are reluctant to do so, in part, because they don’t want more complicated authentication degrading the user experience.

Read More Here

Article Credit: CSO

Leave A Reply

Your email address will not be published.