by Richard Beck

The cyber threat will continue to be persistent within all industries within UK PLC. The smaller organisations who often feel immune today will have their fair share of problems via traditional day to day cyber enabled crime, whilst the majority will continue to fall victim of low cost phishing attacks. The evolving digital landscape, agile infrastructure and automation of technologies provides an innovative environment for hacking and exploiting new technology. Securing the pervasive digital presence within an organisation will challenge the way security professionals think about security architecture, what a ‘device’ is and its ‘identity’, aligned to multi-layered communication and integration issues. Notwithstanding how this dovetails into core business processes and how these devices, people and apps communicate together. The advancement in automation will see a rise in the already sophisticated automated hacker toolsets, seeing an advanced hacking capability from a less skilled advisory.

The threat landscape has changed for all of us, from attacks on critical infrastructure to aggressive ransomware attacks in local government and wholesale denial of services. The ubiquitous security weaknesses within the vast number IoT devices which are set to transform all our lives, are now unwitting co-conspirators allied in global distributed denial of service attacks. These attacks will continue to challenge the very fabric of the internet, as we know it today. Managed service providers (Cloud and IT) will offer premium cyber safe(r) services, akin to those offering continuity and resilience enhancements to services today. None will be exempt from the new wave of cyber compliance legislation, led in Europe by GDPR, where a disregard for privacy and protection of consumer data will result in huge financial penalties.

Cyber security will cross the traditional boundary from information security risk, focused on Confidentiality, Integrity and Availability of data and information assets. Cyber security will become visible as a critical safety concern. Every dimension of our lives is becoming digital, from the cars we drive to our connected homes and cities, the impact of a cyber-attack as we look forward will affect the safety of people and our digital environments. Cyber security professionals will also become responsible for keeping people and the environment safe. This convergence will require us to think about the changes needed for security within business operations, and the depth of supply chain engagement with security professionals.

Transformational cybercrime capabilities are leveraging digital currency such as the Bitcoin, underpinned by Blockchain, to anonymously monetise malware and exploit kits on a tremendous commercial scale. There are over 300 different ransomware variants already from 50 different families of malware. Each new variant brings better encryption and new features, taking advantage of asymmetric cryptography algorithms that use two separate keys. Malware evasion and encryption technologies will continue to dominate the landscape as this lucrative cybercrime market evolves. Security researchers prepared to cross the line and sell their zero day wares to the highest bidder will continue to support the advancement of modern cyber warfare. Where the blurred lines of state actors and organised cyber-crime work hand in glove for mutual accord in support of targeted attacks.

Cyber defenders will move from legacy incident response duties to a continuous response mode of operation, spending less on prevention technologies and more on investing in their ability to detect and respond. Organisations will develop Security Operations Centre (SOC) capabilities to actively defend against future cyber threats. Active ‘offensive’ defence needs a blend of cyber skills borne out of experience and exposure to multi-layered attack patterns. This can be accomplished through simulating cyber-attack operations, where teams practice detecting and responding to realistic situations to gain the necessary skills. Mining operational security Big Data sets combined with advancements in Machine Learning will provide a pivotal watershed in combating cyber-crime and reducing an organisations attack surface. Offering defenders improved attribution techniques to enhance forensic cyber intelligence capabilities.