If you are a celebrity or a rock star, 2016 was a dangerous year. It was an even more difficult year to be an IT security professional, with cyber attacks and the associated costs continuing to rise.
What will 2017 bring? Many experts have already predicted top security trends for 2017, such as eWeek’s recent security slideshow featuring 17 different security experts forecasting their top cyber security trends for 2017.
One thing is clear: We all will face new challenges, a higher number of attacks, and require even more network visibility as cyber criminals are sure to introduce more advanced threats. As a result, IT security teams and business operations will have to work together very closely to ward off cyber-attacks in 2017.
In mid-October, the Mirai code was released on the Internet targeting smart devices. It resulted in an unprecedented distributed denial of service (DDoS) attack that disrupted web services giants such as Twitter and Spotify.
With nearly 5,000 new smart devices connecting to the Internet each minute, you can expect potential attackers to focus on opportunities like the Mirai code to launch more DDoS malware in 2017. Any smart device can become a significant vulnerability, from Android and iOS smartphone to fitness trackers and Bluetooth speakers. These attacks can happen quickly, requiring constant vigilance and immediate action.
Not the trend you were hoping to see, but the reality is that according to Akamai, DDoS attacks increase 125% year over year and 2017 is expected to be the same. For proof, consider the findings from a recent Cisco report, “The Zettabyte Era—Trends and Analysis”:
– DDoS attacks have increased more than 2.5 times over the last three years.
– Globally, the number of DDoS attacks grew 25 percent in 2015 and will increase 2.6-fold to 17 million by 2020.
– The average size of DDoS attacks is approaching 1 Gbps, which is enough to take most organizations completely off line.
As described above, the Mirai code attack in October will likely embolden criminals lured by the potential disruption it managed to produce. Criminals also know that solutions deployed to protect against DDoS are often installed and forgotten, with most organizations not having sufficient resources to proactively monitor activity and scrutinize logs for early warning signs. It’s a vulnerability criminals simply won’t ignore.
With breaches at corporations and agencies rising uncontrollably, it is inevitable that customers will lobby for better protection and stronger privacy legislation. It is likely that the FTC will become an increasingly active player, depending in large part on what position President-elect Trump chooses to take on the issue of cybersecurity and increased privacy regulations.
That may not be good news for corporations already having a hard time recruiting security experts to help fortify their efforts. Professionals who understand how to secure an organization against a growing number of vulnerabilities are scarce, which means most organizations are only managing to plug holes as new threats surface every day.
Attracting and developing new talent will continue to be a challenge, as will identifying cost-effective security solutions to bridge the gaps. For example, many experts suggest that organizations should be much more proactive in using cyber hunters to identify threats that exist in the organization and eliminate them now – before it’s too late. Companies will need to give cyber hunters the right tools they need to be successful in this role.
The FlowTraq Advantage
Fortunately, FlowTraq’s network monitoring, analysis, and forensics tools provide complete visibility into what’s happening on your network so you can mitigate the risks of DDoS and enforce security policies. With real-time alerts into abnormal, potentially suspicious behavior, you get the information you need to take action without delay.
 Cisco, “The Zettabyte Era—News and Analysis,” June 2, 2016.