Smarter Hackers, Bigger Breaches In 2018

2017 was a bad year for cybersecurity – phishing scams, massive breaches, ransomware, state-sponsored attacks, and new attack vectors. Will 2018 be better? No, says Michael Nadeau, it will be worse because security teams and budgets won’t keep pace. Among his predictions: Many, if not most, U.S. companies will not meet Europe’s General Data Protection Regulation compliance by the deadline, and organizations that don’t take GDPR seriously and experience an event that triggers an investigation are at risk of a heavy fine; GDPR regulators will quickly make an example of an organization, probably Google, Apple, Amazon, or Facebook; the decline of password-only authentication will accelerate, but most people still have no idea about password alternatives or enhancements; State-sponsored attacks will increase; and attacks via compromised internet of things (IoT) devices will get worse because millions of connected devices have little or no defense against hackers who want to gain control of them. In fact, it’s getting easier for hackers to take over scores of (IoT) devices. All they have to do is purchase a botnet kit from the dark web and they are in business.