(MENAFN - Khaleej Times) The cyber landscape changes dramatically year after year. If you blink, you may miss something; whether that's a noteworthy hack, a new attack vector or new solutions to protect your business. Sound cyber security means trying to stay one step ahead of threat actors.
In the spirit of looking toward the future, I wanted to grab my crystal ball and take my best guess at what will be the big story lines in cyber security in 2017.
1.) The Internet of Things (IoT) continues to pose a major threat. In late 2016, all eyes were on IoT-borne attacks. Threat actors were using IoT devices to build botnets to launch massive distributed denial of service (DDoS) attacks. In two instances, these botnets collected unsecured "smart" cameras. As IoT devices proliferate and everything has a Web connection - refrigerators, medical devices, cameras, cars, tyres, you name it - this problem will continue to grow unless proper precautions such as two-factor authentication, strong password protection and others are taken.
Device manufacturers must also change behaviour. They must scrap default passwords and either assign unique credentials to each device or apply modern password configuration techniques for the end-user during set-up.
2.) DDoS attacks get even bigger. We recently saw some of the largest DDoS attacks on record, in some instances topping 1 Tbps. That's absolutely massive and it shows no sign of slowing. Through 2015, the largest attacks on record were in the 65 Gbps range.
Going into 2017, we can expect to see DDoS attacks grow in size, further fuelling the need for solutions tailored to protect against and mitigate these colossal attacks.
3.) Predictive analytics gains ground. Math, machine learning and artificial intelligence will be integrated more into security solutions. Security solutions will learn from the past and essentially predict attack vectors and behaviour based on historical data. This means security solutions will be able to more accurately and intelligently identify and predict attacks by using event data and marrying it with real-world attacks.
4.) Attack attempts on industrial control systems. Similar to the IoT attacks, it's only due time until we see major industrial control system attacks. Attacks on e-commerce stores, social media platforms and others have become so commonplace that we've almost grown cold to them. Bad guys will move onto bigger targets: dams, water treatment facilities and other critical systems to gain recognition.
5.) Upstream providers become targets. The DDoS attack launched against DNS provider Dyn, which resulted in knocking out many major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to just customers.
These types of attacks on upstream providers cause a ripple effect that interrupts service not only for the provider, but alsotheir customers and users. The attack on Dyn has set a dangerous precedent and will likely be emulated several times over in the coming year.
6.) Physical security grows in importance. Cyber security is just one part of the puzzle. Strong physical security is also necessary. In 2017, companies will take notice and will implement stronger physical security measures and policies to protect against internal threats and theft and unwanted devices coming in and infecting systems.
7.) Automobiles become a target. With autonomous vehicles on the way and the massive success of electric cars like Teslas, the automobile industry will become a much more attractive target for attackers. Taking control of an automobile isn't fantasy, and it could be a real threat next year.
8.) Point solutions no longer do the job. The days of Frankensteining together a set of security solutions has to stop. Instead of buying a single solution for each issue, businesses must trust security solutions from best-of-breed vendors and partnerships that answer a number of security needs. In 2017, your security footprint will get smaller, but will be much more powerful.
9.) The threat of ransomware grows. Ransomware was one of the fastest-growing online threats in 2016 and it will become more serious and frequent in 2017. We've seen businesses and individuals pay thousands of dollars to free their data from the grip of threat actors. The growth of ransomware means we must be more diligent to protect against it by not clicking on anything suspicious. Remember, if it sounds too good to be true, it probably is.
10.) Security teams are 24/7. The days of security teams working 9 to 5 are long gone. Now is the dawn of the 24/7 security team. As more security solutions become services-based, consumers and businesses will demand the security teams and their vendors be available round the clock. While monitoring tools do some of the work, threats don't stop just because it's midnight, and security teams need to be ready to battle all day, every day.
The writer is regional director, Mena at A10 Networks. Views expressed are his own and do not reflect the newspaper's policies.