Light Dark
December 18, 2017 By Ted Julian 2 min read
Incident Response

2017 was action-packed in the world cybersecurity. Ransomware attacks exploded and the skills gap widened. But there were some bright spots too: Artificial intelligence is showing promise, and orchestration is helping analysts become more productive.

IBM Resilient’s Top Three Cybersecurity Predictions for 2018

Recently, I joined IBM Resilient’s Bruce Schneier, Gant Redmon and Maria Battaglia, along with Enterprise Security Group analyst Jon Oltsik, for IBM Resilient’s annual year-end webinar, “Cybersecurity in 2017 and the Year Ahead: The Fifth Annual Year-in-Review and Predictions Webinar.” During this webinar, we reviewed the biggest trends and lessons from 2017 and offered cybersecurity predictions for 2018.

We welcome you to watch the entire hour-long recorded discussion, but below are the top three cybersecurity predictions that emerged.

1. Internet of Things Attacks Will Make the News

The massive distributed denial-of-service (DDoS) attacks of late 2016 and early 2017 proved that internet-connected devices are a major security threat. With billions of connected devices globally, many of which regular people use daily, it’s more than likely that a serious attack could occur. 2018 seems poised to have the right combination of device proliferation, underlying vulnerabilities and bad-guy attention for Internet of Things (IoT) attacks to go to the next level.

2. Orchestration and Automation Will Be a Top Priority

To date, incident response orchestration and automation (O&A) efforts have been driven by early adopters opportunistically securing resources for these projects. In 2018, O&A efforts will gain line-item status in organizations’ security budgets. The early adopters will tout improvements from their initial deployments to gain support for expansion to facilitate additional use cases. Other organizations will try it for the first time and get hooked.

3. Businesses Will Rush to Prepare for GDPR

The European Union (EU)’s sweeping General Data Protection Regulation (GDPR) goes into effect in May 2018. While survey data varies, it’s clear that many businesses around the world are still unprepared. Given the enormous potential fines for noncompliance, companies will scramble. Unfortunately, those expecting to hire consultants to help might find such resources are already booked solid.

Don’t Let Your Guard Down in 2018

Whatever does happen in the cybersecurity realm in 2018, it’s likely to be just as action-packed as what we’ve seen in 2017. Vigilance will go a long way, but heightened security awareness is the best — and, perhaps, the only — protection against emerging threats that we can only begin to imagine today.

Watch the complete webinar: Cybersecurity in 2017 and the Year Ahead

 |  |  |  |  |  |  | 
Ted Julian
VP Product Management and Co-Founder of Resilient, IBM

More from Incident Response
August 23, 2024

How Paris Olympic authorities battled cyberattacks, and won gold

3 min read - The Olympic Games Paris 2024 was by most accounts a highly successful Olympics. Some 10,000 athletes from 204 nations competed in 329 events over 16 days. But before and during the event, authorities battled Olympic-size cybersecurity threats coming from multiple directions.In preparation for expected attacks, authorities took several proactive measures to ensure the security of the event.Cyber vigilance programThe Paris 2024 Olympics implemented advanced threat intelligence, real-time threat monitoring and incident response expertise. This program aimed to prepare Olympic-facing organizations…

August 7, 2024

How CIRCIA is changing crisis communication

3 min read - Read the previous article in this series, PR vs cybersecurity teams: Handling disagreements in a crisis. When the Colonial Pipeline attack happened a few years ago, widespread panic and long lines at the gas pump were the result — partly due to a lack of reliable information. The attack raised the alarm about serious threats to critical infrastructure and what could happen in the aftermath. In response to this and other high-profile cyberattacks, Congress passed the Cyber Incident Reporting for Critical…

July 31, 2024

PR vs cybersecurity teams: Handling disagreements in a crisis

4 min read - Check out our first two articles in this series, Cybersecurity crisis communication: What to do and Crisis communication: What NOT to do. When a cyber incident happens inside an organization, everyone in the company has a stake in how to approach remediation. The problem is that not everyone agrees on how to handle the public response to cyber crisis communication. Typically, in any organization, the public relations team handles the relationship between the company and the media, who then decide…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature