Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: What are you Concerned the Most in 2016? - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
What are you Concerned the Most in 2016?

There are quite a few predictions out there for 2016, obviously some appear more interesting than others. I picked three that I could have an impact on what we do:

1- Cybersecurity Skill Shortage

I don't think this one is really that new since it has been on the radar for some time now. Depending who you ask and where you live, most predictions estimate up to several hundred of thousand positions will remain unfilled by the end of 2016.

2- Growing Number of Devices on the Internet

According to Gartner [1], they predict there will be up to 6.8 billion device in use in 2016 a whopping 30% increase from last year. That is a lot of devices to support, maintain and protect. This might have the biggest impact for those of us working in cybersecurity. Do you see your workload increase this year?

3- Cybercrime continue to Thrive

With traditional network, you have control of both the entry and exit point of the network, however, when the data move into the cloud, this type of control is lost. As more data move to the cloud, the task to protect and control the data based on organization boundaries is no longer possible. What could be worst, cyber criminals use the resources you pay for to attack other organization (i.e. looks like the attack comes from your organization). According to a McAfee, "More than 70% think cybersecurity threats to their organization are escalating".[2]

What are you the most concerned with this coming year?


[1] http://www.gartner.com/newsroom/id/3165317
[2] http://www.mcafee.com/ca/resources/reports/rp-threats-predictions-2016.pdf

-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

Guy

427 Posts
ISC Handler
We'll you asked. And number 3 jumped out at me. Re:Cybercrime continue to Thrive. Just comes to mind that cybercrime is a crime of opportunity. And with that in mind I think the criminal is always looking for more opportunities to exploit.

One being in the Privacy arena.

For example we all like security for whatever reason. But it could be an opportunity for a criminal to exploit. As more we move to secure the more it seems we have to give up privacy.

The best way I can put it is if your going to do finger prints and iris scans as well face recognition and keep it in some huge database could we see the day that a criminal will take advantage of that?

We see now today that another avenue has opened to be more secure (Gun Issues) to have medical records from doctors that will be required to give the FBI mental health records and it must be stored in a database.

So your losing privacy for more secure society. But in turn one working on the inside and outside could do criminal activity to gain an advantage. Most times monetary. Or Blackmail.

I'm no tin foil hat individual. Just see if we keep gaining Privacy data we could be opening up a new door to exploitation that we might not ever seen before in 2016 and beyond.
Anonymous
I would say cyberattack should be a concern. Saw a report on engadget titled "Hackers shut down power grid in Ukraine". It is reportedly the first successful attack of its kind that actually shut down part of a power grid. Expect to see more.

Our reliance on technology is going to be, I believe, our Achille's Heel. A widespread cyberattack, taking out our banking and other necessary services, would be very destructive over the long term. Even more destructive (especially over the long term) would be an EMP blast at a height of several hundred miles. Not sure that is within the scope of what was asked though.

ISIS and other terrorist groups are not the only enemy who would engage such attacks. Russia and China are the main culprits in that regard.
Marko

7 Posts
or...
4. First big ios/android worm. There's soooo many 'droids out there dependent on telcos to receive security updates and sooo many telcos doing sweet F.A. about making updates available, it feels ta me like it's just a matter of time.

A cross-platform exploit that works on both windows and 'droid, for instance, would be a very bad thing.
Brent

109 Posts

Sign Up for Free or Log In to start participating in the conversation!