What’s in store for security in 2018?

2018 will be a crucial year in determining our strength against vicious hackers. Here’s a glimpse at what we can expect.

state of infosec 2018 intro

2017 revealed the low hanging fruit of our security vulnerabilities; the systems that were easily hackable got hacked. These vulnerable systems showed themselves in businesses, with high-profile breaches at Equifax and Yahoo!, and in federal agencies, with pointed attacks against authoritative figures including Presidential Senior Advisor Jared Kushner. Because of these, and numerous other security breaches, Cybersecurity Ventures projects that the United States will spend $5 billion in ransomware damage costs in 2017.

And while 2017 was painful, it was not as painful as it could have been. Though corporations and government entities have made strides to improve security measures, there are still a lot of holes in our systems. 2018 will be a crucial year in determining our strength against vicious hackers. Here’s a glimpse at what we can expect:

Battle of who can use technology better and faster

Many organizations at this point have realized that advanced cloud computing, artificial intelligence and machine learning solutions can be used to enhance security. At the same time, however, hackers are also getting smarter and incorporating these technologies into their own schemes. What this means is that we’re poised to see a battle of who can use the latest tech solutions first, and who can use the latest tech solutions more effectively.

With little regulatory support, onus will be on businesses to improve security

While security is certainly a central issue for businesses and individuals today, it doesn’t appear to be at the top of the current administration’s agenda. Not only are we not seeing federal initiatives to police security issues, we’re witnessing potential attempts to relax measures that support better security. While other nations are forcing organizations to be accountable for maintaining the security of personal information through regulations like GDPR, the United States seems to be going the other way – likely to avoid dealing with detecting violations and issuing penalty fines.

With government failing to prioritize security, the onus will be on businesses to identify ways to better protect their data. Already, we’re seeing organizations rethink the way they’re managing information security. Recommended actions, such as two-factor authentication, are now standard protocol, and investment in dedicated security teams has significantly increased. As we move into 2018, we’ll see bigger security budgets and continued investment in dedicated security professionals – either in-house or from external vendors and specialists.

Red-hot security market

With security a major concern for organizations nationwide, new companies offering niche security solutions will increasingly emerge. Because security issues are rapidly changing, the vendor market will also move at breakneck speed. Venture investments and exits will be frequent – especially for providers that incorporate artificial intelligence and machine learning into their solutions – and we will also inevitably see some security companies dissolve as their offerings prove no longer relevant to current industry needs.

Security is a hot-button issue, and will continue to be in 2018. With so much fear and concern surrounding the protection of personal and sensitive information, the security industry is ripe for a reset. Rather than defaulting to tired scare tactics, organizations that bring peace of mind to businesses, agencies and individuals will win in today’s market. Who is best positioned to do that is still anyone’s guess. We should find out in the New Year.

Copyright © 2017 IDG Communications, Inc.

Make your voice heard. Share your experience in CSO's Security Priorities Study.