Connect with us

TECHNOLOGY

THE FUTURE OF CYBER SECURITY

THE FUTURE OF CYBER SECURITY

Information security is a perennially hot topic, but as 2016 kicks off, many organisations look to take stock over the past year and consider what the coming months may have in store.

Breaches of information security have certainly maintained their notoriety, hitting the headlines regularly in 2015, with major breaches hitting companies such as TalkTalk and Vtech.

Below are some expert, thought provoking, security-related predictions from the team at Rapid7, with everyone from Rapid7’s CEO & President, Corey Thomas, to the company’s Global Security Strategist, Trey Ford, weighing in, offering insights around what they think lies ahead for 2016.

Tod Beardsley, Security Research Manager at Rapid7

“I believe, and fervently hope, that the security issues dogging the Internet of Things will reach a critical level of both awareness and accountability. Given the growing coverage in mainstream media outlets about the state of security with IoT, I expect to see vendors of IoT devices take on real responsibility for the security of their devices. We in the security industry all know that hacking IoT devices is like dropping back ten years, and I believe that the mass consumer market will drive creative and realistic solutions to the problems of old software, old build processes, and the fractured patch pipeline.”

Rebekah Brown, Threat Intelligence Lead at Rapid7

We will continue to break free from the echo chamber. We are already seeing this with security researchers spending more time talking to law makers and infosec professionals actively reaching out to engage with non-security sector organisations. This trend will (hopefully) continue into 2016 and will help break down the communication barrier that continues to plague us as an industry.”

Jen Ellis, Vice President of Community and Public Affairs at Rapid7

“We’ll see the massive focus on cybersecurity in the policy sphere continue, and perhaps even increase, with organisational and system changes made to reflect this prioritisation.  With this continued emphasis on cybersecurity in the Government, I hope we’ll see the level of engagement between policy makers and the security community increase, and I hope we’ll see it drive positive outcomes.  However, I am concerned that we’re likely to see some pretty scary legislation being proposed – we’ve already seen a bill that would prohibit independent security research on cars.  It’s on us to educate legislators about the potential fallout of these efforts. I hope we’ll see the security community take a more collaborative, thoughtful, and productive approach to engaging policy makers, so we can avoid legislation that hinders security, rather than helping it.”

Trey Ford, Global Security Strategist at Rapid7

“Come see the softer side of security.

My prediction is probably aspirational: I am hopeful we’ll see more transparency in incident and breach communications. The public isn’t afraid of “yet another breach,” they’re afraid the organisations they have a relationship with will violate their trust. In our series on VERIS, we’ve talked about the questions the public wants to see answered: who took what action, against what systems or information, with what impact, when, and what is being done about it?

Security will continue the shift of focusing more on trust than compliance.”

Guillaume Ross, Senior Security Consultant at Rapid7

“Privacy and security will become more of a concern for consumers in 2016, and perhaps a slight marketing advantage for hardware and software vendors, though it will not become the main criteria for most people choosing a device such as a smartphone or an operating system.

As we are talking about things that will probably not happen, let’s get those un-predictions out of the way:

  • The Internet will not get DDoSed by a botnet of fridges and toasters, though a few will certainly take hold.
  • The Internet will not get DDoSed by a botnet of smartphones, as they will run out of power after an hour.
  • Information Security jobs will not be filled rapidly, as companies will still be struggling to find staff, preferring managed services in many cases, where appropriate.

No, not everyone will be done patching Heartbleed, and no, the amount of services exposed to the Internet at the end of 2016, including SCADA systems, will not be lower than the amount of services exposed at the end of 2015.”

Corey Thomas, President and CEO at Rapid7

“We’ll see a greater gap between the well-managed and the poorly-managed, our security version of income inequality.  The poorly-managed will continue to ignore, pay lip service, and rely mostly on controls.  The well-managed will recruit teams directly or through partnerships and build effective programs.”

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Recent Posts