December 18, 2017 By Ted Julian 2 min read

2017 was action-packed in the world cybersecurity. Ransomware attacks exploded and the skills gap widened. But there were some bright spots too: Artificial intelligence is showing promise, and orchestration is helping analysts become more productive.

IBM Resilient’s Top Three Cybersecurity Predictions for 2018

Recently, I joined IBM Resilient’s Bruce Schneier, Gant Redmon and Maria Battaglia, along with Enterprise Security Group analyst Jon Oltsik, for IBM Resilient’s annual year-end webinar, “Cybersecurity in 2017 and the Year Ahead: The Fifth Annual Year-in-Review and Predictions Webinar.” During this webinar, we reviewed the biggest trends and lessons from 2017 and offered cybersecurity predictions for 2018.

We welcome you to watch the entire hour-long recorded discussion, but below are the top three cybersecurity predictions that emerged.

1. Internet of Things Attacks Will Make the News

The massive distributed denial-of-service (DDoS) attacks of late 2016 and early 2017 proved that internet-connected devices are a major security threat. With billions of connected devices globally, many of which regular people use daily, it’s more than likely that a serious attack could occur. 2018 seems poised to have the right combination of device proliferation, underlying vulnerabilities and bad-guy attention for Internet of Things (IoT) attacks to go to the next level.

2. Orchestration and Automation Will Be a Top Priority

To date, incident response orchestration and automation (O&A) efforts have been driven by early adopters opportunistically securing resources for these projects. In 2018, O&A efforts will gain line-item status in organizations’ security budgets. The early adopters will tout improvements from their initial deployments to gain support for expansion to facilitate additional use cases. Other organizations will try it for the first time and get hooked.

3. Businesses Will Rush to Prepare for GDPR

The European Union (EU)’s sweeping General Data Protection Regulation (GDPR) goes into effect in May 2018. While survey data varies, it’s clear that many businesses around the world are still unprepared. Given the enormous potential fines for noncompliance, companies will scramble. Unfortunately, those expecting to hire consultants to help might find such resources are already booked solid.

Don’t Let Your Guard Down in 2018

Whatever does happen in the cybersecurity realm in 2018, it’s likely to be just as action-packed as what we’ve seen in 2017. Vigilance will go a long way, but heightened security awareness is the best — and, perhaps, the only — protection against emerging threats that we can only begin to imagine today.

Watch the complete webinar: Cybersecurity in 2017 and the Year Ahead

More from Incident Response

How I got started: Incident responder

3 min read - As a cybersecurity incident responder, life can go from chill to chaos in seconds. What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role?With our How I Got Started series, we learn from experts in their field and find out how they got started and what advice they have for anyone looking to get into the field.In this Q&A, we spoke with IBM’s own Dave Bales, co-lead X-Force Incident Command…

How Paris Olympic authorities battled cyberattacks, and won gold

3 min read - The Olympic Games Paris 2024 was by most accounts a highly successful Olympics. Some 10,000 athletes from 204 nations competed in 329 events over 16 days. But before and during the event, authorities battled Olympic-size cybersecurity threats coming from multiple directions.In preparation for expected attacks, authorities took several proactive measures to ensure the security of the event.Cyber vigilance programThe Paris 2024 Olympics implemented advanced threat intelligence, real-time threat monitoring and incident response expertise. This program aimed to prepare Olympic-facing organizations…

How CIRCIA is changing crisis communication

3 min read - Read the previous article in this series, PR vs cybersecurity teams: Handling disagreements in a crisis. When the Colonial Pipeline attack happened a few years ago, widespread panic and long lines at the gas pump were the result — partly due to a lack of reliable information. The attack raised the alarm about serious threats to critical infrastructure and what could happen in the aftermath. In response to this and other high-profile cyberattacks, Congress passed the Cyber Incident Reporting for Critical…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today