Cyber Security Trends We can Expect to See in 2017


The last days of 2016 were dominated by ominous news on the IT security front.

Headlines about massive DDoS disruptions, state-sponsored hacking and other evolving threats are unlikely to change much as we enter the new year, but 2017 may have a bright spot.

With cyber threats constantly increasing, the pool of skilled security talent are lagging behind. Organizations are reaching a tipping point in what they can tolerate. In the coming months, we can expect to see companies fight back to protect themselves as well as their customers.


The following are some of the 2017 cyber security trends we will be tracking.

  1. As the Internet of Things grows, we’ll see new vulnerabilities emerge.

The Mirai code that was released on the Internet in mid-October aided in deploying an unprecedented DDoS attack against service provider Dyn, which in turn disrupted organizations such as Twitter and Spotify. It essentially takes over “smart” devices, or devices that are connected to the Internet, to launch denial-of-service (DoS) attacks.

Thousands of smart devices connect to the Internet each minute, and malware such as Mirai, offering the capability to allow attackers to control these devices, represents a huge and dangerous vulnerability. Like so many other pieces of malicious code before it, Mirai will morph and undoubtedly fall into the hands of more potential attackers as it continues to spread.

  1. Countries will have to consider “cyber arms treaties” to reverse the trend of things like hacktivism.

Anonymous, New World, WikiLeaks and state-sponsored hackers headlined much of the tech news in 2016. From claiming responsibility for DDoS attacks and website defacement on organizations as a sign of civil disobedience to stealing highly classified data from the securest of organizations, hacktivism in its various forms has been successful.

The real concern for organizations and governments now is the growing armies of state-sponsored hackers who have potentially unlimited resources. Countries including China, Russia and the United States will have to get serious about an “arms treaty” or something similar to reverse this trend.

  1. The mainstream move to the cloud and mobile computing will turn up the volume on demands for security that covers the expanding attack surface.

Applications and data are moving to the cloud and mobile devices to increase access and productivity, as well as to reduce infrastructure and maintenance costs for organizations. Obviously, all of these are benefits for employees, customers, organizations and society as a whole.

This transition, however, will no doubt create new vulnerabilities. Because essentially, the “cloud” is merely someone else’s computer, and by moving and sharing information across more devices and people, the attack surface grows—and the opportunity for attackers grows as well.


  1. The security skills shortage will continue.

Defending an organization against cyber attacks takes enormous resources in both technology and expertise. Many folks forget that the Internet wasn’t designed to be secure; it was designed to allow people and organizations to share information. Thus, adding security has been secondary.

Most organizations are trying to plug holes and vulnerabilities, even as new ones are constantly surfacing. The experts who understand how to anticipate these vulnerabilities and adequately secure the organization are scarce.

This is one trend that will persist for some time, as attackers need not be as smart as cybersecurity experts to be successful. And let’s face it: hackers only have to be right once. The experts have to be right every time. Attracting new talent and training them adequately will continue to be a challenge.

  1. Companies will fight back.

There is no question that attackers, hacktivists, black hats and other adversaries have a leg up on the good guys. But every phenomenon has a tipping point when the pain of these attacks spurs investment and action.

The coming year represents that tipping point. In 2017, companies will get serious about protecting their intellectual property, customer data and business continuity. Customers are walking away from businesses that suffer breaches, and the regulatory environment is such that businesses will need substantial protection, whether they build it into their organizations or outsource the responsibility.

In many ways, 2017 represents the continuation and evolution of cybersecurity stories that began in 2016.

The plot twist we can all look for, however, will inevitably be that organizations of all shapes and sizes are realizing the stakes of this cyberwar and are taking a firm stand to protect their customers, employees, intellectual property and ability to thrive amidst constant attacks from the world’s malicious actors.



Trackback from your site.