{"id":1205,"date":"2019-02-15T10:32:01","date_gmt":"2019-02-15T10:32:01","guid":{"rendered":"http:\/\/kusuaks7\/?p=810"},"modified":"2023-08-11T12:18:38","modified_gmt":"2023-08-11T12:18:38","slug":"the-top-18-security-predictions-for-2018","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/bigdata-cloud\/the-top-18-security-predictions-for-2018\/","title":{"rendered":"The Top 18 Security Predictions for 2018"},"content":{"rendered":"<p><strong><em>Ready to learn Data Science? <a href=\"https:\/\/www.experfy.com\/training\/courses\">Browse courses<\/a>\u00a0like\u00a0<a href=\"https:\/\/www.experfy.com\/training\/tracks\/data-science-training-certification\">Data Science Training and Certification<\/a> developed by industry thought leaders and Experfy in Harvard Innovation Lab.<\/em><\/strong><\/p>\n<p><em>What will happen in cyberspace in 2018? How will technology impact the real world over the next year? Once again, the cybersecurity industry is full of security predictions, trend reports, cyber forecasts, IT security analysis and red-hot security examples to allow everyone to try to connect the dots to the future. Here\u2019s your annual security industry prediction roundup from the top cybersecurity experts, magazines, companies, analysts and more.<\/em><\/p>\n<p>Abraham Lincoln once said, \u201cThe best thing about the future is that it comes one day at a time.\u201d<\/p>\n<p>Winston Churchill once said, \u201cIf you\u2019re going through hell, keep going.\u201d And, \u201cNever, never, never give up.\u201d<\/p>\n<p>As we\u00a0<a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/2017-the-year-hurricanes-devastated-land-data-and-trust.html\" rel=\"noopener\">look back at top cyber stories and security trends in 2017<\/a>, these wise words from fearless leaders who have gone before us certainly apply to cybersecurity and the new 21st-century challenges confronting our world in 2018.<\/p>\n<p><strong>What\u2019s HOT and Likely Getting HOTTER in 2018?<\/strong><\/p>\n<p>Last year we started with, \u201cYou ain\u2019t seen nothing yet!\u201d<\/p>\n<p>Hold on! 2018 will be even worse online, if these global security experts are correct.<\/p>\n<p>No doubt, more sophisticated hacker tricks, phishing attempts and data breaches are coming.<\/p>\n<p>What are the most common security predictions for next year? New forms of malware, more expensive ransoms as more ransomware hits more organizations, Internet of Things (IoT) device problems at home, AI and machine learning gone astray (as a cyberweapon), cryptocurrency problems, cloud computing breaches and plenty more of everything we already saw in 2017.<\/p>\n<p>Almost everyone is talking about the\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/3202771\/data-protection\/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html\" rel=\"noopener\">huge impact of GDPR<\/a>\u00a0in 2018 \u2014 some think the fines will wait for later after lawsuits will be filed, but most see a major shake-up coming for companies\u2019 policies and procedures as a result of the new European privacy rules.<\/p>\n<p>Other common cyberpredictions include increased scope and impact from\u00a0<a href=\"http:\/\/www.iotjournal.com\/articles\/view?15070\/2\" rel=\"noopener\">DDOS attacks<\/a>, the number of cybercriminals (and crimes) increasing, continued shortages of qualified security professionals \u2014 with new attempts to deal with the staffing problems, popular (and easy to use) home devices (<a href=\"https:\/\/www.wired.co.uk\/article\/amazon-echo-alexa-hack\" rel=\"noopener\">such as Amazon Echo<\/a>) getting hacked in new ways and much more nation-state hacking.<\/p>\n<p>In addition, the election hacks,\u00a0<a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/understanding-new-hacktivism-where-next-for-hackers-with-a-cause.html\" rel=\"noopener\">hacktivism<\/a>\u00a0and business email compromised (CEO fraud) show up on many lists as likely items that will expand in the coming year.<\/p>\n<p><strong>Why Take the Time to Understand Cybersecurity Industry Predictions?<\/strong><\/p>\n<p>There\u2019s no doubt that security predictions are exploding and cover a very wide range of technology, physical security and Internet of Things (IoT) topics around the world. The breadth and depth of industry involvement in this cyber forecasting process even exceeds previous years, which is truly remarkable and shows the dramatic growth of the security industry as a whole.<\/p>\n<p>So why take the time to go through these lists? I addressed this topic in detail back in 2016 for\u00a0<em>CSO Magazine<\/em>\u00a0in this piece:\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/3021951\/security\/why-more-security-predictions-and-how-can-you-benefit.html\" rel=\"noopener\">Why more security predictions and how can you benefit?<\/a>\u00a0I started by saying that Americans love baseball, hot dogs, apple pie and predictions. I also predicted that more security predictions would be coming \u2014 and I certainly nailed that cybersecurity trend.<\/p>\n<p>But beyond just a fun end-of-the-year exercise, there is immense value for individuals and companies as they plan their future strategies. Here\u2019s an excerpt of a few of the benefits to understanding what experts think may be coming soon:<\/p>\n<ul>\n<li><em>Gain industry knowledge, understand overall trends and expand your horizons beyond one stovepipe or topic.\u00a0Security predictions help you understand industry trends and help you grow in your knowledge \u2014 if you do your homework and read the supporting research that usually comes from major vendors. Remember that the actual date the event happens is less important than trends, patterns and even repetition of an item. \u2026<\/em><\/li>\n<li><em>Use the free advice, direction, insights and annual reports provided by many to respond to the expected cyberthreats.<\/em><\/li>\n<li><em>Use predictions as an opportunity to educate others. Get the word out on cybersecurity \u2014 whether that is to your company, your family or your community group. Are you bringing problems or solutions? We claim we want to educate end users on cybersecurity, so educate!<\/em><\/li>\n<\/ul>\n<p><strong>Quick Reminders<\/strong><\/p>\n<p>No doubt, there are some leftover (very similar) predictions from the past few years. There is also the annual chorus of: \u201cWill this be the year for a Cyber Pearl Harbor or a Cyber 9\/11 that brings down critical infrastructure for a section of the country?\u201d<\/p>\n<p>To get a full sense of the breadth and depth of security industry prediction lists and forecasts, I recommend going back in time and reviewing some of the previous security prediction roundups from\u00a0<a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/The-Top-15-Security-Predictions-for-2015.html\" rel=\"noopener\">2015<\/a>,\u00a0<a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/the-top-16-security-predictions-for-2016.html\" rel=\"noopener\">2016<\/a>\u00a0and\u00a0<a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/the-top-17-security-predictions-for-2017.html\" rel=\"noopener\">2017<\/a>\u00a0to help keep score on prognosticators. Our analysis process has not changed much in the many years since we started, and all decisions are made independent of company or magazine influence.<\/p>\n<p>For more details, I encourage you to go to the prediction details by clicking on the hyperlinked report and\/or visit the specific website and download the full white papers to get more details on these security trends and 2018 predictions lists. Many of these predictions have longer explanations as to why this will happen (with more data to share.)\u00a0\u00a0Be aware that some vendors may require you to register (often for free) to get their full prediction report.<\/p>\n<p>So now we&#8217;re ready to move on to the best (most complete) security prediction list for 2018, ranked from 1-18 using my vendor-agnostic rating system, along with honorable mention and late-arriving prediction lists.<\/p>\n<p><strong>Detailed Prediction Reports by Source<\/strong><\/p>\n<p><strong><a href=\"https:\/\/www.trendmicro.com\/vinfo\/ph\/security\/research-and-analysis\/predictions\/2018\" rel=\"noopener\">1) Trend Micro<\/a><\/strong>\u00a0takes the top prize for again having an impressive, well rounded set of predictions. The Trend Micro theme is \u201cAre You Ready for Paradigm Shifts,\u201d and here are their top predictions:<\/p>\n<ul>\n<li><em>In 2018, digital extortion will be at the core of most cybercriminals\u2019 business model and will propel them into other schemes that will get their hands on potentially hefty payouts.<\/em><\/li>\n<li><em>The ransomware business model will still be a cybercrime mainstay in 2018, while other forms of digital extortion will gain more ground.<\/em><\/li>\n<li><em>Cybercriminals will explore new ways to abuse IoT devices for their own gain.<\/em><\/li>\n<li><em>Global losses from Business Email Compromise scams will exceed US$9 billion in 2018.<\/em><\/li>\n<li><em>Cyberpropaganda campaigns will be refined using tried-and-tested techniques from past spam campaigns.<\/em><\/li>\n<li><em>Threat actors will ride on machine learning and blockchain technologies to expand their evasion techniques.<\/em><\/li>\n<li><em>Many companies will take definitive actions on the General Data Protection Regulation (GDPR) only when the first high-profile lawsuit is filed.<\/em><\/li>\n<li><em>Enterprise applications and platforms will be at risk of manipulation and vulnerabilities.<\/em><\/li>\n<\/ul>\n<p><strong><a href=\"https:\/\/www.symantec.com\/blogs\/feature-stories\/2018-cyber-security-predictions\" rel=\"noopener\">2) Symantec<\/a><\/strong>\u00a0had another outstanding set of predictions for 2018 on a wide range of topics:<\/p>\n<ul>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/#1\" rel=\"noopener\">Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber criminals Will Focus On Coins and Exchanges<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/#2\" rel=\"noopener\">Cyber Criminals Will Use Artificial Intelligence (AI) &amp; Machine Learning (ML) to Conduct Attacks<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/2\/#3\" rel=\"noopener\">Supply Chain Attacks Will Become Mainstream<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/2\/#4\" rel=\"noopener\">File-less and File-light Malware Will Explode<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/2\/#5\" rel=\"noopener\">Organizations Will Still Struggle With Security-as-a-Service (SaaS) Security<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/2\/#6\" rel=\"noopener\">Organizations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security \u2014 More Breaches Due to Error, Compromise &amp; Design<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/3\/#7\" rel=\"noopener\">Financial Trojans Will Still Account for More Losses Than Ransomware<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/3\/#8\" rel=\"noopener\">Expensive Home Devices Will Be Held to Ransom<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/3\/#9\" rel=\"noopener\">IoT Devices Will Be Hijacked and Used in DDoS Attacks<\/a><\/em><\/li>\n<li><em><a href=\"https:\/\/www.techarp.com\/articles\/symantec-2018-cybersecurity-predictions\/3\/#10\" rel=\"noopener\">IoT Devices Will Provide Persistent Access to Home Networks<\/a><\/em><\/li>\n<\/ul>\n<p><strong>\u00a03)\u00a0\u00a0Watchguard Technologies<\/strong>\u00a0<em>\u2014<\/em>\u00a0I really like Watchguard\u2019s presentation of predictions again! In fact, I would say that their online videos and infographics may be my favorite this year. However, their actual predictions seemed rather mainstream and offered no huge surprises. Very solid list though:<\/p>\n<ul>\n<li><em>Cryptocurrency Crash<\/em><\/li>\n<li><em>Wi-Fi Hacking<\/em><\/li>\n<li><em>Increased Adoption of Corporate Cyber Insurance<\/em><\/li>\n<li><em>IoT Botnets Force New Regulations<\/em><\/li>\n<li><em>Linux Attacks Will Double<\/em><\/li>\n<li><em>Multi-factor Authentication<\/em><\/li>\n<li><em>Hack Election Machines<\/em><\/li>\n<\/ul>\n<p>4)\u00a0<strong><a href=\"https:\/\/www.mcafee.com\/us\/about\/newsroom\/press-releases\/press-release.aspx?news_id=20171129005305\" rel=\"noopener\">McAfee<\/a><\/strong>\u00a0<strong><em>\u2014<\/em><\/strong>\u00a0McAfee forecasts developments in adversarial machine learning, ransomware, serverless apps, connected home privacy, and privacy of child-generated content. Here are some details:<\/p>\n<ul>\n<li><em>McAfee Labs predicts an adversarial machine learning \u201carms race\u201d between attackers and defenders<\/em><\/li>\n<li><em>Ransomware to evolve from traditional PC extortion to IoT, high net-worth users, and corporate disruption<\/em><\/li>\n<li><em>Serverless Apps to create attack opportunities targeting privileges, app dependencies, and data transfers<\/em><\/li>\n<li><em>Connected home devices to surrender consumer privacy to corporate marketers<\/em><\/li>\n<li><em>Consumer apps collection of children\u2019s content to pose long-term reputation risk<\/em><\/li>\n<\/ul>\n<p>5)\u00a0<strong>FireEye\u00a0<\/strong>offers excellent predictions, but requires you sign up for the full report (which is free). Download\u00a0<a href=\"https:\/\/www2.fireeye.com\/LP-WEB-GTM-Security-Predictions-2018.html\" rel=\"noopener\">full FireEye prediction report here<\/a>.<\/p>\n<p>Nevertheless,\u00a0<a href=\"https:\/\/www.ndtv.com\/india-news\/chinese-hacker-groups-to-shift-focus-to-india-in-2018-cyber-security-firm-fireeye-1785009\" rel=\"noopener\">this interview with FireEye executive leadership, including their CEO Kevin Mandia,<\/a>\u00a0is eye-opening regarding 2018 predictions:<\/p>\n<p><em>In the Indo-Pacific region, FireEye said, China and neighboring countries are still continuing political disputes, especially with India, South Korea, Japan, the Philippines, Vietnam and other South-east Asian countries.<\/em><\/p>\n<p><em>&#8220;Therefore, unorganized &#8216;hacktivism&#8217; attacks as a response to these political tensions within and against these countries is expected to continue and possibly rise throughout the new year,&#8221; the company warned.<\/em><\/p>\n<p><em>According to FireEye, it observed an increase in non-Chinese and non-Russian APT groups in 2017 and expects to discover more in 2018. Ransomware is expected to rise in 2018, especially as administrators are slow to patch and update their systems.<\/em><\/p>\n<p><em>Other popular techniques that will continue to be used in 2018 are strategic web compromises and spear phishing, especially in targeted attacks. We also expect to see many more destructive worms and wipers, the cyber security firm noted.<\/em><\/p>\n<p><strong>6) Kaspersky\u00a0<em>\u2014<\/em>\u00a0<\/strong>Offers detailed cyberthreat forecasts in each major sector. For example, their\u00a0<a href=\"https:\/\/www.kaspersky.com\/blog\/cyberthreats-in-2018-forecasts-financial\/20144\/\" rel=\"noopener\">financial predictions include:<\/a><\/p>\n<ul>\n<li><em>Cryptocurrency \u2014 in vogue in the cybercriminal world<\/em><\/li>\n<li><em>Speed increases danger<\/em><\/li>\n<li><em>Fraud as a service<\/em><\/li>\n<li>Other Kaspersky predictions about auto, connected health, industrial security and cryptocurrencies can be found at\u00a0<a href=\"https:\/\/www.slideshare.net\/KasperskyLabGlobal\/kaspersky-security-bulletin-threat-predictions-for-2018\" rel=\"noopener\">this excellent SlideShare<\/a>.<\/li>\n<\/ul>\n<p><strong>7) Palo Alto\u00a0Networks<\/strong>\u00a0<em>\u2014<\/em>\u00a0Human safety and security will be added to confidentiality, integrity and availability, according to Palo Alto Networks.<\/p>\n<p><strong>8)\u00a0<a href=\"https:\/\/www.cso.com.au\/article\/630714\/forcepoint-security-predictions-2018\/\" rel=\"noopener\">Forcepoint<\/a>\u00a0<\/strong>\u2014 Offers eight different areas of concern for the year ahead and five predictions for 2018.<\/p>\n<ul>\n<li><em>An increasing amount of malware will become MitM [Man in the Middle]-aware.<\/em><\/li>\n<li><em>IoT is not held to ransom but instead becomes a target for mass disruption.<\/em><\/li>\n<li><em>Attackers will target vulnerabilities in systems which implement blockchain technology.<\/em><\/li>\n<li><em>A data aggregator will be successfully breached in 2018 using multiple attack methods.<\/em><\/li>\n<\/ul>\n<p><strong>\u00a09)\u00a0<a href=\"https:\/\/www.imperva.com\/blog\/2017\/12\/top-five-trends-it-security-pros-need-to-think-about-going-into-2018\/\" rel=\"noopener\">Imperva<\/a><\/strong>\u00a0\u2014 Offers Their Top 5 Trends That IT Pros Need to Think About:<\/p>\n<ul>\n<li><em>Massive Cloud Data Breach<\/em><\/li>\n<li><em>Cryptocurrency Mining<\/em><\/li>\n<li><em>Malicious Use of AI\/Deception of AI Systems<\/em><\/li>\n<li><em>Cyber Extortion Targets Business Disruption<\/em><\/li>\n<li><em>Breach by Insiders<\/em><\/li>\n<\/ul>\n<p><strong>10)<\/strong>\u00a0\u00a0<strong><a href=\"https:\/\/www.techrepublic.com\/article\/forresters-top-6-cybersecurity-predictions-for-2018\/\" rel=\"noopener\">Forrester<\/a><\/strong>\u00a0\u2014 As always, Forrester offers some unique and thought-provoking predictions for 2018:<\/p>\n<ul>\n<li><em>Governments will no longer be the sole providers of reliable, verified identities<\/em><\/li>\n<li><em>More IoT attacks will be motivated by financial gain than chaos<\/em><\/li>\n<li><em>Cybercriminals will use ransomware to shut down point of sale systems<\/em><\/li>\n<li><em>Cybercriminals will attempt to undermine the integrity of US 2018 midterm elections<\/em><\/li>\n<li><em>Blockchain will overtake AI in VC funding and security vendor road maps<\/em><\/li>\n<li><em>Firms too aggressively hunting insider threats will face lawsuits and GDPR fines<\/em><\/li>\n<\/ul>\n<p><strong>11)\u00a0<a href=\"http:\/\/www.informationsecuritybuzz.com\/expert-comments\/webroot-security-predictions-2018\/\" rel=\"noopener\">Webroot<\/a><\/strong>\u00a0\u2014 Excellent, wide assortment of predictions on topics ranging from ransomware to breaches to biometric security to government security to the infosec job market.<\/p>\n<ul>\n<li><em>Backups will not prove enough to stop ransomware as hackers find ways to subvert this strategy.\u00a0<\/em><\/li>\n<li><em>Consumer fightback \u2014 2018 will see major a major backlash (maybe class action lawsuits) from consumers, requiring more regulations around data protection especially in the U.S.\u00a0<\/em><\/li>\n<li><em>An increase in nation state cybersecurity breach activity as \u201ccold war\u201d like activity continues to escalate. Where countries and organizations (e.g., ISIS) will actually invest more into both defensive and offensive tech and skills to gain access to information that can be leveraged in numerous ways. I think we have only seen the early days of what\u2019s possible and likely here<strong>.<\/strong><\/em><\/li>\n<li><em>Discoveries of election meddling and social media tweaking will be an economic drag on some of the biggest tech giants in the industry \u2014 and be cause for further scrutiny on securing devices, networks, and communications channels and verifying identity. The tradeoffs between free speech and open digital access and convenience will become ever more apparent.\u00a0\u00a0<\/em><\/li>\n<li><em>State-sponsored service breach of critical infrastructure leading to loss of life and an extended timeframe to return to normal operations<\/em><\/li>\n<\/ul>\n<p><strong>12)\u00a0<a href=\"https:\/\/www.pcmag.com\/article\/356664\/gartners-top-predictions-for-2018-and-beyond-pace-yourself\" rel=\"noopener\">Gartner<\/a>\u00a0<\/strong>\u2014 Gartner again offers 10 strategic predictions (via\u00a0<em>PC Magazine<\/em>) that cover the next few years (through 2022). Here are a few of the security-related predictions from Gartner:<\/p>\n<ul>\n<li><em>By year end 2020, the bank industry will derive 1 billion dollars of business value from the use of blockchain-based cryptocurrencies.<\/em><\/li>\n<li><em>Through 2022, half of all security budgets for IoT will go to fault remediation, recalls, and safety failures, rather than to protection.<\/em>\u00a0<em>Most organizations don&#8217;t have a budget for IoT security now, but they will need to add one, [Gartner Fellow Daryl] Plummer said. By 2019, IoT security incidents will make the nightly news.<\/em><\/li>\n<li><em>Through 2021, AI-driven creation of &#8220;counterfeit reality,&#8221; or fake content, will outpace AI&#8217;s ability to detect it, fomenting digital distrust.<\/em><\/li>\n<\/ul>\n<p>In early December, 2017,\u00a0<a href=\"https:\/\/www.gartner.com\/newsroom\/id\/3836563\" rel=\"noopener\">Gartner issued a forecast<\/a>\u00a0that worldwide enterprise security spending will rise 8 percent in 2018 to $96.3 billion.<\/p>\n<p><strong>13)\u00a0<a href=\"https:\/\/www.tahawultech.com\/securityadvisorme\/insight\/sophos-malware-trends-predictions\/\" rel=\"noopener\">Sophos<\/a>\u00a0<\/strong>\u2014 Offers details on malware likely coming in 2018.<\/p>\n<p>And their\u00a0<a href=\"https:\/\/www.sophos.com\/en-us\/en-us\/medialibrary\/PDFs\/technical-papers\/malware-forecast-2018.pdf?la=en\" rel=\"noopener\">PDF<\/a>\u00a0offers excellent details and a new malware forecast.\u00a0They write:\u00a0<em>&#8220;In this report, we review malicious activity Sophos Labs analyzed and protected customers against in 2017 and use the findings to predict what might happen in 2018.<\/em><\/p>\n<p><em>The malware we protect customers from transcends operating systems. Ransomware in particular targets Android, Mac, Windows and Linux users alike. (Android phones run a modified version of Linux.) Four trends stood out in 2017 and will likely dominate in 2018.&#8221;<\/em><\/p>\n<ul>\n<li><em>A ransomware surge fueled by RaaS [ransomware as a service] and amplified by the resurgence of worms;<\/em><\/li>\n<li><em>An explosion of Android malware on Google Play and elsewhere;<\/em><\/li>\n<li><em>Continued efforts to infect Mac computers; and<\/em><\/li>\n<li><em>Ongoing Windows threats, fueled by do-it-yourself exploit kits that make it easy to target Microsoft Office vulnerabilities<\/em><\/li>\n<\/ul>\n<p><strong>14)\u00a0<a href=\"https:\/\/www.zscaler.com\/blogs\/corporate\/2018-security-predictions\" rel=\"noopener\">Zscaler<\/a><\/strong>\u00a0<strong>\u2014\u00a0<\/strong>Ten interesting predictions, including this unique and creative one:<\/p>\n<p><em>&#8220;We will see targeted attacks on digital\u00a0assistants.&#8221;<\/em><\/p>\n<p><em>It seems that every major tech company is now convinced that digital assistants (<a href=\"https:\/\/developer.amazon.com\/alexa\" rel=\"noopener\">Alexa<\/a>,\u00a0<a href=\"https:\/\/www.apple.com\/ios\/siri\/\" rel=\"noopener\">Siri<\/a>,\u00a0<a href=\"https:\/\/www.microsoft.com\/en-us\/windows\/cortana\" rel=\"noopener\">Cortana<\/a>) embodied as smart speakers (<a href=\"https:\/\/www.amazon.com\/dp\/B07456BG8N\" rel=\"noopener\">Amazon Echo<\/a>,\u00a0<a href=\"https:\/\/www.apple.com\/homepod\/\" rel=\"noopener\">Apple HomePod<\/a>) are the future of human-computer interaction. These devices are now mainstream and have become much more than just a convenient way to learn about today\u2019s weather or get the latest sports\u00a0scores.<\/em><\/p>\n<p><strong>15)\u00a0<a href=\"https:\/\/securityintelligence.com\/new-year-new-threats-five-security-predictions-that-will-take-hold-in-2018\/\" rel=\"noopener\">IBM<\/a>\u00a0\u2014\u00a0<\/strong>Offers interesting predictions, with the first two items being somewhat different than many other lists:<\/p>\n<ul>\n<li><em>AI Versus AI<\/em><\/li>\n<li><em>Africa Emerges as a New Area for Threat Actors and Targets<\/em><\/li>\n<li><em>Identity Crisis<\/em><\/li>\n<li><em>Ransomware Locks Up IoT Devices<\/em><\/li>\n<li><em>Finally Getting Response Right<\/em><\/li>\n<\/ul>\n<p><strong>16)\u00a0<a href=\"http:\/\/www.eweek.com\/innovation\/predictions-2018-cars-steal-mobility-innovation-thunder-from-smartphones\" rel=\"noopener\">eWeek<\/a><\/strong>\u00a0says that \u201cCars Steal Innovation Spotlight From Smartphones\u201d<\/p>\n<ul>\n<li><em>Autonomous vehicles:\u00a0&#8220;In the world of autonomous vehicles, we predict we are going to see much more incremental progress, and a slow and steady shift toward collaboration. Right now, it seems many are quick to imagine that a utopia of fully autonomous vehicles is just around the corner; however, the reality is that right now our algorithms just understand how humans drive with humans. Given this, our algorithms will need to evolve to better understand the nuances of how humans drive with semi- and fully autonomous vehicles; how various models from different manufacturers interact with each other on the road; and in diverse environments, infrastructure and weather conditions.&#8221;<\/em><\/li>\n<li><em>Cutting the car:<strong>\u00a0&#8220;<\/strong>Just as cable television users are cutting the cord in favor of streaming, this rise of shared mobility will lead some consumers to cutting the car. Personal car ownership will decrease over the years as alternative types of auto mobility flourish, and we project that Europe specifically will reach peak car by 2020. How soon we will see these shifts occur elsewhere remain to be seen, but it&#8217;s safe to say that personal mobility will look drastically different a decade from today.&#8221;<\/em><\/li>\n<\/ul>\n<p>Update:\u00a0<em>eWeek<\/em>\u00a0also released this\u00a0<a href=\"http:\/\/www.eweek.com\/security\/18-cyber-security-trends-organizations-need-to-brace-for-in-2018\" rel=\"noopener\">helpful slide show of 18 cyber security trends<\/a>\u00a0that organizations should be aware of heading into 2018. They follow my &#8220;18 for 2018&#8221; model in this annual cybersecurity prediction blog. (Imitation is the greatest form of flattery, so thanks.)<\/p>\n<p><strong>17)\u00a0<a href=\"https:\/\/blog.checkpoint.com\/2017\/12\/13\/lies-ahead-cyber-security-predictions-2018\/\" rel=\"noopener\">Checkpoint<\/a>\u00a0<\/strong>sticks to a few unique items in their forecast:<\/p>\n<ul>\n<li>Legitimate Organizations Caught Hacking<\/li>\n<li>Will Cryptocurrencies Be Regulated?<\/li>\n<li>Governments Deploying Cyber-Armies to Defend Their Citizens and Borders<\/li>\n<\/ul>\n<p><strong>18)\u00a0<a href=\"https:\/\/www.whitehatsec.com\/blog\/security-predictions-2018\/\" rel=\"noopener\">White Hat Security<\/a><\/strong>\u00a0<strong>\u2014<\/strong>\u00a0<em>Last year, Ryan O&#8217;Leary said, \u201cNothing will change. Companies will continue to get breached because of simple vulnerabilities.\u201d Unfortunately, my prediction was correct, but that\u2019s no surprise.\u201d This is still a good prediction for 2018.<\/em><\/p>\n<p><em>New this year: \u201c\u2026 More and more companies will start adopting the DevSecOps process and bring the Development, Security and Operations teams together. We\u2019ve seen this work with companies and we know it reduces both the number of vulnerabilities introduced, and also the time to fix those vulnerabilities. By making one team with the mission of fast, secure, and stable code we ensure that these teams no longer have competing priorities which hinder secure releases. \u2026\u201d<\/em><\/p>\n<p><strong>BONUS FOR FUN\u00a0<\/strong>\u00a0<strong><a href=\"https:\/\/www.beyondtrust.com\/blog\/cybersecurity-predictions-2018-5-year-predictions\/\" rel=\"noopener\">Beyond Trust<\/a><\/strong>\u00a0\u2013 Some great cybersecurity predictions\u00a0<em>at Beyond Trust<\/em>\u00a0that are similar to others. Also, these fun five-year predictions at the end of their report:<\/p>\n<ul>\n<li>Online secure elections.<\/li>\n<li>GDPR becomes untenable.<\/li>\n<li>Wearable medical devices.<\/li>\n<li>The end of cash.<\/li>\n<li>Bio-hacking will be in more than just in drugs and food.<\/li>\n<li>Fake social media is the next guerilla marketing tactic.<\/li>\n<\/ul>\n<p><strong>Honorable Mention: The Best of the Rest of the Cybersecurity Forecasts and New Year Security Trends<\/strong><\/p>\n<p>Other very good predictions, cybersecurity forecasts, and coming year security trends and write-ups that I\u2019ve seen for 2018 include these articles, reports and blogs worth viewing:\u00a0<a href=\"http:\/\/www.infosectoday.com\/Articles\/2018-Security-Predictions.htm#.WjsXBN-nHIU\" rel=\"noopener\">InfoSecToday.com<\/a>,\u00a0<a href=\"https:\/\/securelist.com\/ksb-threat-predictions-for-2018\/83169\/\" rel=\"noopener\">Securelist.com<\/a>,\u00a0<a href=\"http:\/\/www.healthcareitnews.com\/news\/2018-cybersecurity-prediction-extortion-attempts-ransomware-will-proliferate\" rel=\"noopener\">HealthCareITNews.com<\/a>\u00a0(on new extortion attempts),\u00a0<a href=\"http:\/\/www.informationsecuritybuzz.com\/articles\/offensive-security-cyber-insurance-cryptocurrencies-2018-predictions\/\" rel=\"noopener\">InformationSecurityBuzz.com<\/a>\u00a0(on cyberinsurance),\u00a0<a href=\"https:\/\/www.prnewswire.com\/news-releases\/top-10-technology-trends-for-2018-ieee-computer-society-predicts-the-future-of-tech-300571274.html\" rel=\"noopener\">IEEE<\/a>,\u00a0Security Boulevard\u00a0predictions (and their\u00a0<a href=\"https:\/\/securityboulevard.com\/2017\/12\/top-5-security-trends-2018\/\" rel=\"noopener\">top 5 IT security trends<\/a>),\u00a0AT&amp;T,\u00a0\u00a0<a href=\"http:\/\/www.huffingtonpost.co.uk\/entry\/tis-the-season-to-do-predictions-the-2018-cybersecurity-landscape_uk_5a1dae10e4b04f26e4ba949f\" rel=\"noopener\">Huffington Post<\/a>,\u00a0<a href=\"https:\/\/www.secplicity.org\/2017\/12\/05\/2018-security-predictions-major-cryptocurrency-will-fall\/\" rel=\"noopener\">Secplicity.org<\/a>,\u00a0\u00a0<a href=\"https:\/\/digitalguardian.com\/blog\/infosec-pros-on-top-infosec-concerns-for-2018-beyond#Lohrmann\" rel=\"noopener\">Digital Guardian.com<\/a>\u00a0(offering 30 experts&#8217; predictions, including yours truly),\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/3242547\/security\/a-few-cybersecurity-predictions-for-2018.html\" rel=\"noopener\">CSO Online<\/a>,\u00a0<a href=\"http:\/\/www.informationsecuritybuzz.com\/articles\/predictions-centrify-cybersecurity-2018\/\" rel=\"noopener\">Centrify<\/a>,\u00a0<a href=\"https:\/\/www.forbes.com\/sites\/gilpress\/2017\/11\/26\/60-cybersecurity-predictions-for-2018\/\" rel=\"noopener\">Forbes<\/a>\u00a0(offering 60 predictions),\u00a0<a href=\"http:\/\/www.digitaljournal.com\/business\/cybersecurity-trends-for-2018\/article\/510244\" rel=\"noopener\">Digital Journal<\/a>,\u00a0<a href=\"https:\/\/www.cioreview.com\/news\/five-predictions-that-can-change-the-phase-of-cyber-security-in-2018-nid-25145-cid-145.html\" rel=\"noopener\">CIO Review<\/a>,\u00a0<a href=\"https:\/\/businessnewswales.com\/six-security-predictions-2018\/\" rel=\"noopener\">Business News Wales<\/a>,\u00a0<a href=\"https:\/\/www.healthcareinfosecurity.com\/blogs\/health-data-privacy-security-what-will-2018-bring-p-2578\" rel=\"noopener\">Healthcareinfosecurity.com<\/a>\u00a0(Rebecca Herold on health data privacy),\u00a0\u00a0<a href=\"https:\/\/www.informationsecuritybuzz.com\/articles\/2018-security-predictions-splunk\/\" rel=\"noopener\">Splunk<\/a>,\u00a0<a href=\"https:\/\/www.itbusinessedge.com\/blogs\/data-security\/prediction-health-care-in-the-security-crosshairs-in-2018.html\" rel=\"noopener\">IT Business Edge<\/a>\u00a0(on health care in the security crosshairs),\u00a0<a href=\"https:\/\/www.isaca.org\/Knowledge-Center\/Blog\/Lists\/Posts\/Post.aspx?ID=912\" rel=\"noopener\">ISACA<\/a>,\u00a0vArmour,\u00a0<a href=\"https:\/\/www.business2community.com\/infographics\/5-cyber-security-predictions-solutions-2018-infographic-01978590\" rel=\"noopener\">Teramind<\/a>\u00a0(w\/nice infographic),\u00a0<a href=\"https:\/\/www.itnewsafrica.com\/2017\/12\/top-10-it-security-predictions-for-2018\/\" rel=\"noopener\">IT News Africa<\/a>\u00a0and\u00a0<a href=\"https:\/\/betanews.com\/2017\/12\/21\/2018-security-predictions\/\" rel=\"noopener\">betanews<\/a>\u00a0(covering an AI arms race and more).<\/p>\n<p>Late-breaking security predictions for 2018 include:\u00a0<a href=\"https:\/\/www.komando.com\/happening-now\/433980\/new-year-new-threats-5-security-predictions-for-2018\" rel=\"noopener\">Kim Komando<\/a>,\u00a0<a href=\"http:\/\/www.rfidjournal.com\/articles\/view?17029\" rel=\"noopener\">RFID Journal<\/a>\u00a0(on IoT),\u00a0<a href=\"https:\/\/theoutline.com\/post\/2795\/this-is-the-best-list-of-cybersecurity-predictions-for-2018\" rel=\"noopener\">the Outline.com<\/a>\u00a0(in which Kelly Shortridge scrambles the prediction process using an online Markov chain generator), and\u00a0<a href=\"https:\/\/www.helpnetsecurity.com\/2018\/01\/02\/cybersecurity-predictions-2018\/\" rel=\"noopener\">HelpNetSecurity.com<\/a>.<\/p>\n<p><em>Note: I continue to add other prediction reports here as new forecasts\/cybertrends are released, so keep coming back into early 2018.\u00a0<\/em><\/p>\n<p><strong>Prediction Awards<\/strong><\/p>\n<p>So which 2018 security predictions do I like best? Here are my award-winners for 2018.<\/p>\n<p><strong>Most Creative<\/strong>\u00a0\u2014 eWeek \u2014 \u201cCars Steal Innovation Spotlight from Smartphones\u201d<\/p>\n<p><strong>Newest &amp; Specific<\/strong>\u00a0\u2014 Zscaler \u2014 We will see targeted attacks on digital\u00a0assistants. (Read the commentary above on #14).<\/p>\n<p><strong>Most Scary<\/strong>\u00a0(yet practical) \u2014 Checkpoint\u00a0\u2014 Legitimate Organizations Caught Hacking\u00a0<em>(I guess it depends on who is hacked and where &#8230;)<\/em><\/p>\n<p><strong>Most Common and Likely<\/strong>\u00a0(many) \u2014 Ransomware in more places with bigger ransoms demanded.<\/p>\n<p><strong>Most Dull<\/strong>\u00a0(yet also insightful for the\u00a0<em>second year in a row<\/em>) \u2014 Dan Lacey, White Hat Security: &#8220;<em>Nothing will change.&#8221;\u00a0\u00a0<\/em><\/p>\n<p><strong>Final Thoughts<\/strong><\/p>\n<p>I did not see very much missing this year on these prediction and forecast reports, but the\u00a0<a href=\"https:\/\/www.olympic.org\/pyeongchang-2018\" rel=\"noopener\">Winter Olympics<\/a>\u00a0in S. Korea and\u00a0<a href=\"http:\/\/www.fifa.com\/worldcup\/index.html\" rel=\"noopener\">FIFA World Cup<\/a>\u00a0(soccer) in Russia are noticeably absent. Of course, we also have the Super Bowl, World Series, March Madness and other major sporting events that could be disrupted.<\/p>\n<p>There were plenty of people predicting critical infrastructure disruptions, but no one really sticking their necks out to say a major critical system failure (such as a dramatic regionwide or nationwide power outage or the significant loss of life because of hospital systems failure) is likely due to hacking.<\/p>\n<p>Still, I agree with Bruce Schneier that regulation is coming for IoT when someone clearly dies from a cyberattack. Will 2018 be the year? Perhaps.<\/p>\n<p>In conclusion, here\u2019s one more quote from Abraham Lincoln that still applies as we head into 2018:<\/p>\n<p>\u201cThe best way to predict your future is to create it.\u201d<\/p>\n<p>Originally posted on <a href=\"http:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/the-top-18-security-predictions-for-2018.html\" rel=\"noopener\">Govtech Blogs<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ready to learn Data Science? Browse courses\u00a0like\u00a0Data Science Training and Certification developed by industry thought leaders and Experfy in Harvard Innovation Lab. What will happen in cyberspace in 2018? How will technology impact the real world over the next year? Once again, the cybersecurity industry is full of security predictions, trend reports, cyber forecasts, IT<\/p>\n","protected":false},"author":154,"featured_media":2415,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[187],"tags":[94],"ppma_author":[2650],"class_list":["post-1205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bigdata-cloud","tag-data-science"],"authors":[{"term_id":2650,"user_id":154,"is_guest":0,"slug":"dan-lohrmann","display_name":"Dan Lohrmann","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","user_url":"","last_name":"Lohrmann","first_name":"Dan","job_title":"","description":"Daniel J. Lohrmann, an internationally recognized cybersecurity leader, technologist, keynote speaker and author, is the Chief Strategist &amp; Chief Security Officer at Security Mentor, Inc. He was recognized as the global CISO of the Year for security product and services companies by <a href=\"http:\/\/cybersecuritybreakthrough.com\/award-winners\/\">Cybersecurity Breakthrough Awards<\/a> in September 2017. He has advised senior leaders at the White House, National Governor&rsquo;s Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, fortune 500 companies, small businesses and non-profit institutions.&nbsp;He led Michigan government&rsquo;s cybersecurity and technology infrastructure teams from 2002 to&nbsp;2014<br \/>\n&nbsp;"}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/154"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=1205"}],"version-history":[{"count":8,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1205\/revisions"}],"predecessor-version":[{"id":30181,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1205\/revisions\/30181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/2415"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=1205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=1205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=1205"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=1205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}