NEWS ANALYSIS: Cyber-security threats will likely get worse next year as attacks get more sophisticated, but for organizations the focus will shift to loss prevention.
Attackers are changing their tactics so some of the malware that you have become used to dealing with in 2017 has declined in favor of some other types that will be worse. What won’t change is a persistent trend of organizations and their employees to fail to take even the most basic steps to protect themselves and their data. Here are five things you can expect:
- Ransomware attacks will get worse. Cyber-criminals have already discovered that holding someone’s data for ransom is a reliable means of extorting money in small amounts.
- Email will become a bigger threat than it was in 2017. This means that organizations will need to develop some means of authentication before employees can take certain important actions, such as transferring large amounts of money based on an emailed request, or sending the entire customer list to someone outside the company.
- Leaked exploits will make the spread of malware even harder to fight. New exploits will be leaked, giving hackers new ways to break into computers. The best defense will be to keep your systems updated religiously.
- Malware will become more targeted. You will need to be prepared for everything from order spoofing and bogus invoices to payment documentation that comes complete with embedded malware. As in the case of email, you will need to develop authentication methods if you can’t find automated methods available commercially.
- Stupidity will persist. No matter how good your policies and procedures may be, and no matter what or how many security products you throw at the problem, your staff will remain your weakest point unless you find a way to keep your staff from being able to do dumb things, such as clicking on email links.