Cyber security regulations improvement
We need to see a continuing improvement in the relevant regulations as apply to cyber security.
The dynamic and fast-moving nature of cyber security outpaces regulation which is far too slow and clumsy to be of any benefit and might actually hinder security by building a culture of compliance with regulations and a false sense of security against enemies who are agile, motivated, and clever.
Demand will continue to rise for security skills
A global shortage of cyber security skills in the workplace arguably makes organisations more desirable targets for hacking.
Demand for expertise will rise as companies realise that their current IS strategy is not sufficient.
Also, with companies increasingly in-sourcing their security needs, internal training and skills growth has to continue to accelerate.
Cyber security and Internet of Things (IoT)
‘Secure by design’ will garner much copy but probably will not deliver until 2019 or beyond.
On the other hand, the next generation of AI-powered attacks will be crafty enough to emulate the behaviours of specific users to fool even skilled security personnel.
This might include the ability to craft complex and bespoke phishing campaigns that will successfully fool even the most threat-conscious among us.
Cyber risk insurance will become more common
This type of insurance will increasingly become part of operational risk strategy however, the insurance industry needs to tailor products specific to client needs and not just provide blanket cover as extensions to existing risks.
As the industry evolves we might see cyber insurance covering for loss of reputation and trust with their customers, loss of future revenue from negative media or other exposure, and improvement costs for security infrastructure or system upgrades.
Breaches will get more complicated and harder to beat
Cyber criminals will look to grow their malicious activities using ransomware in ever more devious ways.
Such a ransomware variant has already been discovered using an innovative system to increase infections: the software turns victims into attackers by offering a pyramid scheme-style discount.