In case you haven’t noticed the flood of dedicated content here on SecurityIntelligence, not to mention Twitter, we are currently in the midst of National Cyber Security Awareness Month (NCSAM). The overarching theme of this year’s campaign is “Securing the Internet Is Our Shared Responsibility,” which is a critical lesson to remember not only in October, but also throughout the year.
IBM Security Experts Predict the Future of Cybersecurity
In addition to the principle theme of shared responsibility, each week of NCSAM has its own theme as well. Week three, which we’ve just entered, gives us the opportunity to consider “Today’s Predictions for Tomorrow’s Internet.” While no one truly knows what the future holds, seven experts at IBM Security were happy to make some educated guesses.
Listen to the podcast: We’re All In This Together — National Cyber Security Awareness Month
The Increasing Importance of Incident Response
Limor Kessem, executive security advisor: Incident response will be more important than ever for consumers and businesses alike. When the term incident response is raised, the first thing that might come to mind is organizations having to prepare for a possible cyber incident that might adversely affect its operations and bottom line. And that is, indeed, true as ever, but incident response is also the business of anyone operating an endpoint, including consumers, whether using the internet on a desktop, laptop or mobile device.
With attacks such as ransomware rising uncontrollably, constant escalation in mobile threats, and cybercriminals devising more ways to compromise and use personal data, it is high time for consumers to have an incident response plan of their own.
As a consumer, do you have a backup system set up for your important files and cherished memories? It is easy to set up cloud backups, and a low-cost option is to also own an external drive you can save your files to and keep disconnected from the endpoint. In case of a ransomware attack, guess who’s not paying the bad guys!
Do you know what to do to secure your online accounts? What if your password somehow gets reset and a criminal takes over your account? Do you have a setup that will inform you of an issue outside a short message service (SMS) message? Maybe SMS is not the best option for some of your accounts, and that should not be an afterthought if that account holds any value to you.
How about securing your personal details? With personally identifiable information (PII) roaming the internet like never before, you might be the last to find out when your data has been compromised and used by a criminal. From medical fraud to insurance fraud to taking out a loan in your name, criminals will stop at nothing, and often money will only be the start of the problem. Plan for a rainy day by setting up special alerts on use of your personal details and make sure you get a call if ever a new credit line or loan is requested on your behalf.
Artificial Intelligence Becomes Integral
Brian Evans, senior managing consultant: Artificial intelligence (AI) solutions will become an integral part of any cybersecurity program in the not-too-distant future. Humans can’t keep up with the overwhelming volume of threats and vulnerabilities. AI can speed up the detection and analysis as well as increase decision-making time, accuracy and protection measures.
QRadar Advisor with Watson already offers an AI-human combination and puts us one step closer to the future by harnessing the power of Watson for Cyber Security to enable security analysts to respond to threats with greater speed and scale.
An Application Security Wake-Up Call
Neil Jones, market segment manager for application security: A major data breach or a physical security incident will result in casual users taking location tracking capabilities on their mobile applications much more seriously. Applications will also be more likely to inform users that location information is being easily provided to other global users of the apps.
The Rapid Evolution of the IoT
Rohan Ramesh, senior product marketing manager for Watson for Cyber Security: We are moving toward a more connected world with the Internet of Things (IoT) and rapid evolution of technology and software. With rapid innovation, businesses and individuals that are slow to upgrade or keep up with the latest software are left with unsupported software and systems that may have unpatched vulnerabilities.
My prediction is that the majority of hackers will take advantage of these unpatched and unsupported systems, as they have been in recent years, to cause greater damage to reputation and financial bottom line. Therefore, endpoint hygiene is still going to be a high priority as computing power and business logic moves from the cloud to devices for real-time processing of information.
The IoT Becomes Ubiquitous
James Murphy, offering manager for Watson IoT Platform: The value of the IoT to society and business will grow as the number and variety of devices connecting to the internet continues to expand. Having access to a trusted IoT platform will be the first step in the right direction.
Just like the adoption of the smartphone, the IoT will be ubiquitous and expected in everyday life. However, it will take trusted partnerships to sustain the integrity and security posture of those IoT solutions. Individuals and businesses will have to master the basics of IoT security. IoT security and operational integrity will be best addressed though shared responsibility and a multipronged approach to help realize the value of IoT solutions.
The future of tomorrow’s internet will depend on reputable threat intelligence to provide insights that will further enhance the security of tomorrow’s digital world.
The Year of Mobile Malware?
Michelle Alvarez, threat researcher and editor: I predict that some of our predictions will fail — gasp! It’s true, though. We’re human, therefore fallible. Just look at Y2K predictions. And if we had a magic ball, we would have all invested handsomely in bitcoin in 2013 and be close to retirement at this point.
We do get some things right, though. Take our ransomware prediction, for instance: WannaCry made that one come to fruition in 2017. But I think we’re still waiting for the explosion of mobile malware. Don’t get me wrong — it’s a serious threat, I just don’t think we’re ready to call 2018 the Year of Mobile Malware. But, then again, I may be proven unequivocally wrong — that’s how predictions work. They’re a good guess of what might happen, and they might or they might not.
Stop and Look Around Once in a While
Pam Cobb, team lead and product marketing manager for IBM X-Force: At its core, the internet is used to connect people to each other, whether black hats or white hats. Without shifts in the behaviors of people themselves, the internet will continue to function much as it is today, bringing together the sportos, motorheads, geeks, nerds, waistoids, dweebies and hackers together for both good and bad.
The internet moves pretty fast. If you don’t stop and look around once in a while, you could miss it. So I don’t have a prediction so much as a hope that we will go forth to affect the change we want to see with our choices and behavior.
Apply NCSAM Lessons Year-Round for a More Secure Future
The most important lesson to take away from week three of NCSAM is that we must take our collective responsibility for the overall security of the internet seriously — or risk facing threats that today we can only imagine. Predictions from venerable experts such as those at IBM Security can serve as a guideline to help users prepare for those challenges, but the only real defense against the evolving cybercrime landscape is a dedication to cybersecurity awareness — not just during NCSAM, but year-round.
Listen to the podcast: We’re All In This Together — National Cyber Security Awareness Month
Security Intelligence Staff