2017 has indeed been a busy year from cybersecurity perspective. We’ve witnessed sensitive data leaks from the National Security Agency, the Wannacry ransomware, massive Equifax breach to name a few from the long list.
2018 is expected to throw even more challenging scenarios, keeping everyone on their feet.
General Data Protection Regulation (GDPR)
This year has seen the biggest shift in focus within information security for more than a decade: data protection. The EU’s General Data Protection Regulation (GDPR) has more than ruffled a few feathers across the board. With only seven months to go, that clock is ticking!
2018 will witness a sharp increase in companies rushing to get their affairs in order as the reality dawns on them that after May 25. The way our data is collected, stored, handled, manipulated and reported on is never going to look the same again with more power and control over our personal information. Over the coming year, we’re likely to see more and more countries striving to equate local laws with those of the EU.
Attackers will continue to target holes in security basics
We will continue see more examples of basic security being overlooked and exploited by attackers. Successful IoT attacks will not be advanced, but rather exploit basic lapses in security by design for IoT devices, like shared passwords or unencrypted communications.
By the end of 2018, 85% of all web pages will be protected by HTTPS
We’ve seen strong growth in the number of HTTPS page loads and secure sites this year, primarily driven by Google and Mozilla, who have been encouraging the use of HTTPS. It’s just a matter of time until all HTTP sites are marked as insecure.
TLS 1.0 and earlier protocols will be history
With the wide adoption of HTTPS, it’s time to say goodbye to outdated protocols – SSLv3 and TLS 1.0. These protocols have severe vulnerabilities and should be disabled on all websites. Majority of the sites will be supporting TLS 1.2, and virtually no use of TLS 1.0 and older protocols.
Expect more botnet IoT attacks
We will continue to see exploits of IoT devices with usage aimed at botnet activity. The scope of unsecured devices is still large, which makes low hanging fruit for hackers.
Facial recognition may play role in identity verification
The recently unveiled iPhone X by Apple has facial recognition capabilities with secure local storage for the data and similar technology has been announced to be in the works by Facebook as well. While those technologies don’t yet have the recognition of accuracy and assurance to be reliable for identity verification used to issue certificates for publicly trusted digital signing, it is still a possibility to use them in authentication for simple electronic signature in the first phase in 2018.
By:- Sapan Talwar