INTELLIGENT BRANDS // Enterprise Security
ANSecurity’s technical
director warns of potential
security breaches
/////////////////////////////
A
s predictable as day follows night,
2018 will see more high-profile
breaches impact large and well-
known companies. What will be less visible to
the public will be the activities of Crime-as-
a-Service (CaaS) which will expand, allowing
more focused criminals to rent resource for
ransomware campaigns that may never
be exposed to the light of public scrutiny.
Repeats of a ‘ransom-worm’ using a true
zero-day vulnerability is a major concern over
the coming year.
The rise of CaaS will also lead to increasing
sophisticated ransomware and phishing
campaigns as well as the misuse of
advertising and other Content Delivery
Networks for drive-by exploitation,
www.intelligentcio.com
alongside more well-crafted and convincing
email campaigns.
Over the last few years, the growth of
the Internet of Things (IoT) has been a
major trend which will only accelerate
during 2018, leading to a bigger surface
area to launch DDoS attacks and as a
conduit for injecting malware. The next
12 to 18 months will likely see a major
IoT vulnerability within a commonly used
shared library that will have a major impact
and will make international news.
The approach of the GDPR deadline will
hopefully raise awareness of the need
for good practice around security that
spreads from beyond IT to other areas
of the organisation. Laziness around
password security and lack of two factor
authentication are still issues that are hard
to overcome but the big stick of GDPR fines
may well motivate organisations that have
previously put their heads in the sand.
There seems a growing public awareness
about security, especially within the
consumer electronic market that is being
remade by the growth of IoT. A major
incident in 2018 that impacts a large number
of users where the culprit is a major vendor
and the result is a class action lawsuit, might
well be the catalyst for vendors to start
building better security within products from
day one – instead of the ‘launch fast and
patch later’ situation we have today. n
INTELLIGENTCIO
81