1. Marcin Kleczynski, CEO, Malwarebytes
In 2018, we anticipate that cybercriminals will look to target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can take control of devices and wholeheartedly manipulate users. As more events of these types become known, the public and business perception of security software, and particularly antivirus solutions, will further deteriorate.
2. Malcolm Harkins, Chief Security and Trust Officer, Cylance
GDPR will be the Y2K of 2018 – Companies are publicly touting their GDPR readiness, but behind closed doors, I expect a lot of uncertainty about the ability to comply with these new and incredibly strict guidelines. While GDPR won’t result in the same public hysteria as Y2K, IT practitioners who were around at the turn of the century will feel a bit of déjà vu.
3. Steve Durbin, managing director, Information Security Forum
Criminal organizations will continue their ongoing development and become increasingly more sophisticated. The complex hierarchies, partnerships and collaborations that mimic large private sector organizations will facilitate their diversification into new markets and the commoditization of their activities at a global level. Some organizations will have roots in existing criminal structures, while others will emerge focused purely on cybercrime.
4. Sam Curry, Chief Security Officer, Cybereason
Destructive Cyberattacks Will Increase – Even though the majority of cyber incidents are still motivated by espionage or criminal activity, more destructive attacks fueled by masquerading tools, especially by nation-state actors, will be an alarming and growing trend in 2018. They’re also a perfect way for novice attackers to show their chops.
5. Brian NeSmith, CEO and co-founder, Arctic Wolf Networks
A Major Corporation Will Get Caught with Sticky Hands in the Cookie Jar – We’re going to see more instances of corporate spying in 2018 where one corporation is looking at another’s data in an effort to make company gains or steal business secrets. And eventually, somebody is going to get caught!
6. Adam Hunt, chief data scientist, RiskIQ
Threat actors will increase their adoption of Adversarial Machine Learning to evade detection by infrequently trained machine learning models. Machine learning models will need to evolve quickly to keep up with these threats by incorporating instance-based approaches.
7. Deral Heiland, IoT Research Lead, Rapid7
Internet Embedded Technology will take center stage in a major breach – With the ever-expanding influx of Internet Embedded Technology (IET) within businesses, such as printers, conferencing solutions, building security technology, heating, ventilation and air conditioning, automated lighting and other various consumer-based Internet of Things technologies, I would not be surprised if we see these technologies take center stage in a major breach in 2018.
8. Gilad Peleg, CEO, SecBI
Bitcoin will become so profitable in 2018 that it will have devastating impacts for years to come, including corporate machines exploited to mine bitcoin, costing enterprises money in employee productivity, hardware half-life, and electricity bills: Not only are employees’ laptops and PCs at risk, but mobile devices and even entire server farms will be a targets for remote factors.
9. Bill Diotte, CEO, Mocana
There is a lot of momentum going into 2018 when it comes to regulating and creating industrial compliance standards. With 2017’s buzz around critical infrastructure attacks on health care facilities and the power grid, for example, regulatory bodies both in the United States and around the globe are beginning to understand that they must prevent — not just detect — these attacks.
10. Nigel Smart, co-founder, Dyadic
Fake news is only going to get worse – Fake news became a major issue in 2017 and will likely get worse in 2018. In 2017, fake news was defined as a bend of the truth or an outright lie on behalf of the media. However, fake news can be looked at as an attack on authenticity in general. With CGI, photoshop and voice-over technology, it’s almost impossible to tell if a photo or video is real or fake. Solutions such as digital signatures and encryption enabled on trusted recording devices could help combat this issue, but the camera industry needs to include these options on equipment used by the news media in order for it to have an impact.