Micro-segmentation defense, attacks by rogue intelligence officers and quantum encryption investment are among many things to keep an eye on in 2016.
With attacks on organizations ranging from the U.S. government’s Office of Personnel Management to the Ashley Madison website, 2015 was undoubtedly a year of damaging cybersecurity incidents.
Now that we've closed the book on 2015, here are 10 security events to keep an eye on in 2016.
I’ve said it, RSA President Amit Yoran said it and more chief information security officers (CISOs) will be saying it in 2016: The security industry has failed.
Since enterprises have transformed beyond four walls to embrace mobile, cloud, the Internet of Things (IoT) and integrated supply chains, they will begin to look for different ways to address security in these new environments. As Einstein said, “Insanity is doing the same thing over and over again and expecting different results.” And more leading CISOs in government and commercial enterprises will stop pretending that spending more money on yesterday’s ineffective technology will, this year, yield different results.
Organizations often use IT segmentation to ensure that a break-in to one segment of an enterprise won’t affect the security of the other segments. It’s a strong premise, but its execution has failed over the years. Early attempts like “air gaps,” which physically separated networks into different buildings or rooms, proved wildly expensive. Firewalls and virtual local area networks (VLANs) followed, but these are complex to manage and have high error rates. In 2016, we'll see the adoption of new approaches that work better in today’s evolved environments.
Micro-segmentation is the future. It allows enterprise managers to easily and quickly divide physical networks into thousands of logical micro-networks without the historic security management overhead. In 2016, enterprises will look to micro-segmentation as a way to take back control of the enterprise network without having to deal with firewall rules, outdated applications, remote users, cloud-based services and third parties that all have become attack vectors in today’s world. Companies up and down Highway 101 in Silicon Valley are racing to quickly field their own entry in this space.
Companies like Bromium are leading the way in micro-virtualization. They take the concept of “sandboxing” one step beyond separating programs, launching virtual machines that surf the Web for you, with hardware isolating any incoming malware.
The micro-privileges concept says that every employee within an organization should have the least amount of privilege required to do their jobs, particularly at the top. This means that the higher you are in an organization, the less privilege you would have, because the risk of attack is so high.
All three “micros” will become easy to deploy and operate in 2016, and will work together to start shifting the advantage back to the good guys.
Many state-sponsored attacks attributed to governments worldwide have actually been executed by government employees who were motivated by their own ideological issues — and did not have government authorization.
In 2016, rogue intelligence officers will emerge as a separate category that business and government organizations will need to monitor and control in a different way than they would a state-sponsored attack.
Security is no longer a technology issue; it’s a business issue that requires prioritization from the top down. This is why the security function will evolve and no longer report solely to the CIO. In 2016, boards will start to care and take real action so that cybersecurity expertise is a requirement across the C-suite.
Support for Windows XP ended in early 2014, and security updates to users around the world ceased. However, XP still supports a multitude of critical systems (think ATMs, government networks, hospital devices, and workstations for electric, gas and water utilities), making them vulnerable to hackers. This makes a significant attack in 2016 as a direct result of “XP everywhere” not only possible, but probable.
Until now, the worst thing that could happen to a machine under cyberattack would be “the blue screen of death.” Now, however, attackers can control the machines, which means they can crash your car, stop your heart or blow up public infrastructure. When cyber starts to meet kinetic, the issue escalates beyond data loss and reputation management to physical destruction and even death. We could very well see the real-world results of this in 2016 as digital and physical worlds collide and are targeted by state-sponsored conflicts and stateless terrorists.
When critical infrastructures like financial systems and utilities fail, we all suffer. Because America’s critical infrastructure is owned by private companies, protecting every aspect of it has been a slow and complicated process. The world is full of people with both the intent to harm the U.S. and the digital know-how to attack our country’s critical infrastructure. This will be a dangerous combination in 2016, and something we will start to address globally.
You’ve heard of ransomware: a malware attack that blocks a user’s access to digital property — essentially holding it hostage — until a certain amount of money is paid through an online payment method like Bitcoin to retrieve the lost data. It’s a common and successful scam targeted at individuals who find it easier to pay up than get help. Next year, these types of attacks will also be aimed at the enterprise. I predict that companies will have data encrypted under ransomware to the tune of millions of dollars.
The companies we know and love from the security history books will be overtaken by emerging security brands that are doing things in a different way. In the next 12 months, new players that think and act differently — and enable the enterprise to do the same — will begin to take market share from vendors that continue to push yesterday’s technologies.
All security is currently based on encryption, i.e., the inability of modern computers to calculate a very long key in a reasonable amount of time. But with governments and Google hot on the quantum trail, soon quantum computers will be able to break down encryption quickly, and we’ll need a completely new security model. Enter quantum encryption, which is designed to resist this enormous new computing power. In 2016, there will be an increase in funding and R&D investment to develop quantum encryption as a way to resist the quantum computers of the near future.
Tom Patterson is the vice president of Global Security Solutions for Unisys.