This is the eleventh in our series of cybersecurity predictions for 2016. Stay tuned for more through the end of the year.
Cybersecurity has become a mission-critical function for businesses over the years, and the need for comprehensive defences against cyberattacks will only increase as we move forward. Given some of the events over the last year, I’m sharing what I anticipate will develop over the next year in the cybersecurity space.
1. Security strategy shifts in the EU
As cyberthreats increasingly impact society and economies, government regulation is evolving to reflect the risk and drive confidence in digital space. Initiatives like the Network Information Security Directive and General Data Protection Regulation Reform will have significant influence on cybersecurity policies in 2016. In the wake of these regulations, businesses will have to grapple with new requirements to align with these mandates.
2. Cybercriminals focus in on mobile payments
The payments landscape is in the midst of a huge shift with the advent of Apple Pay, Google Wallet and other eWallet services, and there’s no doubt that cybercriminals will follow the money. As a result, 2016 will see an increased focus from businesses and mobile providers on preventing cyberattacks on mobile devices.
3. Security of European supply chains is scrutinized
It is commonly said about supply chains that we are only as strong as the weakest link. This proves true with cybersecurity across supply chains worldwide, as we’ve observed in a number of high-profile breaches over the last year. In Europe, supply chains often cross borders, and companies grapple with different levels of cybersecurity awareness or regulation, resulting in complex networks of potential entry points for cyberthreats. Over the next year, we can expect to see increased scrutiny of cybersecurity policies across all parts of the supply chain and the bolstering of weak points as they are identified.
4. CSO evolution
Historically the CSO reported in to the CIO, but we have seen this shift as cybersecurity becomes a bigger issue for businesses. Our recent report, “Governance of Cybersecurity 2015,”highlights that Europe is the only region to show a sizable shift from CISO/CSOs reporting to the CIO, moving from 50 percent in 2012 down to 33 percent in 2015. We will see the role of the CSO continue to evolve over the next 12 months.
5. Reduction of traditional business networks
As 2015 comes to a close, we’re seeing over a zettabyte of data crossing global networks and three times as many IP-enabled devices as people. As data grows, businesses are opting to outsource, cloudsource and consumerise their IT systems rather than invest in big, complex systems themselves. This adoption of SaaS technology, along with the rise of BYOD, the IoT and wearables, is shifting how businesses are thinking about shadow IT. Over the next 12 months, we expect to see shadow IT become a business priority.
6. Blurring boundaries of attacks
APT and nation-state attacks have been a key focus over the past few years; however, more common attacks are incorporating advanced concepts, such as multiple components to avoid detection, taken from the APT attack lifecycle, and focusing in on more implicit targets. As nation-states look to cybercriminals for knowledge sharing and new tactics, and as these boundaries blur, we need to use solutions that work cohesively to prevent blended approaches.
No one truly knows what the future holds, but we have a pretty good idea of what we should anticipate in the cybersecurity world moving forward. The key for businesses is to identify their weak spots and ensure they have the right stronghold of policies and technology in place to prevent breaches and keep businesses up and running. And when we know what to look out for, we can bolster our businesses against the threats of tomorrow.
Want to explore more of our top 2016 cybersecurity predictions? Register now for Ignite 2016.
[Palo Alto Networks Blog]