Cyber security is an escalating topic that’s receiving a large amount of attention. This is a broad subject. Most commonly, cyber security is mentioned when talking about the latest malware attack, phishing email, social media hack or cloud-based services. As technology improves, new vulnerabilities are discovered and new obstacles challenge security professionals.

To help us understand this dynamically changing environment, we asked a number of cyber security experts to share their view on cyber security trends and predictions for the upcoming year. Below you’ll find the responses to the question we posed:

What are your cyber security predictions for 2018?

Meet our Panel of Cyber Security Experts:

Daniel Miller Xu Zou Bob Herman Lee Barrett Trave Harmon Jamie Clifton Ken Baylor Richard Jones Mark Barton Nick Espinosa Marco Demello Doug Pettigrew Mark Milcox George Tatar Steven Weisman Les Multack

DANIEL MILLER

Daniel Miller is the Director of Product Marketing at Ericom Software.

My 2018 cyber security prediction is… Remote secure browsing is on the rise and internet security must take on a new approach to protect against ransomware and other internet-borne threats.

BOB HERMAN

Bob Herman is co-founder and president of IT Tropolis, a service providing professional and managed IT services.

My 2018 cyber security prediction is… IT service providers will successfully penetrate the SMB market with much needed cyber security services as the SMB community comes to grips with their vulnerability to cyber attacks, realizing not only “the big boys” are targets. The need to monitor, detect, remediate and report on both internal and external vulnerabilities will drive SMB adoption of cyber security services.

TRAVE HARMON

Trave Harmon has been involved with computers all of his life starting at 5 years old with a Commodore Vic 20. Trave is president of Triton Computer Corp.

My 2018 cyber security prediction is… We’ll see a greater convergence of cloud services for the individual business either at small, medium or enterprise. Traditional IT will be overtaken by cloud-based services and on-demand services. SaaS will become the new norm, from office software, antivirus, and soon operating systems. Prime example is Windows 10.

MARCO DEMELLO

Marco Demello is an internationally recognized security and privacy expert with more than 20 years of experience protecting desktop and mobile devices from threats. Marco is CEO at PSafe Technology.

My 2018 cyber security prediction is… New attacks will grow against home automation/AI assistants, such as Amazon Echo, Apple HomeKit, and Google Home. Attacks will also be aimed at the automation communications layer – ZWave and Zigbee – enabled devices, which control home locks, garage door openers, video surveillance systems, home lights, TVs, and so on, will become targets.

MARK MILCOX

Mark Milcox holds two patents in identity management and is best known for his published work, “Implementing LDAP.”

My 2018 cyber security prediction is… GDPR. General Data Protection Regulations. It’s an EU regulation that applies to every country in the world. Companies are expected to be in compliance by May 2018. And if they’re not, they could face fines of up to 4% of their global annual revenue. How companies prepare and how the regulation is enforced, I believe will be the #1 security question company boards will be talking about in 2018.

STEVEN WEISMAN

Steven Weisman is a lawyer, author and college professor at Bentley University where he teaches White Collar Crime. Steve’s most recent book is “Identity Theft Alert,” and he’s a nationally recognized expert in cyber security. Visit his website.

My 2018 cyber security prediction is… Identity theft due to skimmers installed at gas pumps will increase as the deadline for gas pumps to change to the EMV cards has been pushed back, even when the date for compliance has passed. We’ll still see many gas pumps not being updated as we’ve seen in many ATMs and retail stores.

KEN BAYLOR

My 2018 cyber security prediction is… Vendor security will become critical. Most major breaches are caused by third party negligence. Vendor security seeks to weed vendors with bad security practices out. The GDPR (coming into effect on May 2018) and privacy shield requires companies to do deeper vendor security due diligence than before.. As many of the established vendors in this space are just modified vulnerability scanners, enterprises will search for efficient and affordable human auditors to carry out this work, and embrace new industry-led standards. Passing vendor due diligence will become critical for technology purchase rather than an afterthought.

XU ZOU

Xu Zou is co-founder and CEO of Zu Zou. Xu holds 10 international patents on security and networking.

My 2018 cyber security prediction is… When it comes to the Internet of Things (IoT), we’re only seeing the tip of the iceberg for security breaches. With devices connecting at a spectacular rate—often with security as an afterthought —it’s only a matter of time before we start to see significant IoT breaches. These breaches can cause service disruptions and/or serve as an entry point to take down the entire ecosystem. For 2018, companies need to point their radar towards keeping IoT devices secure and safe.

LEE BARRETT

Lee Barrett has been Executive Director of The Electronic Healthcare Accreditation Commission (EHNAC) since its inception in 1993. Lee continues to work on key HIT industry initiatives that lay the foundation for health information technology.

My 2018 cyber security prediction is… The following presents the greatest threat due to the lack of financial, staffing and technological resources. A shortage of IT professionals with security expertise will continue. The current shortage of IT professionals trained to address ransomware and cyber security, as well as emerging initiatives such as Internet of Things (IoT) connectivity and mobile access, is apparent.

JAMIE CLIFTON

Jamie Clifton is vice president, product management and solutions for BridgeHead Software.

My 2018 cyber security prediction is… The new year will introduce a trend of companies moving away from traditional antivirus and security products to more sophisticated solutions with built-in prevention and rewind capabilities for IT personnel.



MARK BARTON

Mark Barton is president of Wild Prairie Computers and Consulting Inc. Mark has been in the IT Services Industry for 17 years.

My 2018 cyber security prediction is… Ransomware attacks will continue to expand, because many people fail to patch their systems as needed. With so many great tools this is easy to fix with a little automation and education. For many, these data breach news reports are scary, but it doesn’t have to be if you get educated on the risks and how to mitigate it.

RICHARD JONES

Richard Jones is vice president of Grid Security at BRIDGE Energy Group. Richard is a recognized thought leader in cyber security, and has held a series of notable security leadership positions.

My 2018 cyber security prediction is… As the velocity and sophistication of security threats continue to rise it’s clear that programmatic solutions will be more effective in reducing risks than trying to address each threat as they appear. Further, security budgets will increasingly be based on measurable risk reduction to eliminate the overspending on point solutions targeted at one threat-or-another, and cyber security malware targeted at critical infrastructure will become available on the “open-market” resulting in a proliferation of these threats.

NICK ESPINOSA

Nick Espinosa is the Chief Security Fanatic of Security Fanatics, an outfit dedicated to all things cyber security/cyber warfare related. A national speaker, Nick writes a regular column on cyber security and also hosts his own radio show on 101.3FM WHIW.

My 2018 cyber security prediction is… API Hijacking is on the rise. Hackers are using cloud based communication systems like Slack to run command and control for their malware campaigns. They’re basically hiding in plain sight with this! Furthermore, advance wi-fi spoofing. So anyone can go to YouTube and create an “Evil Twin” attack which is to spoof the local free wireless at their local coffee shop. The next generation of this spoofing actual cell towers! You can download firmware that will convert a basic wireless access point into a fake cell tower. The mobile phone will then attach to the access point and the hacker can capture data live or attack the device! This is a rising threat due to availability of wireless access points for sale and the hacked firmware being available now on the Dark Web.

DOUG PETTIGREW

Doug Pettigrew is the owner of Electronic Brain Solutions a computer services company in Michigan. Doug recently graduated with a degree in Information Assurance (cyber security) and is a lifelong student of technology.

My 2018 cyber security prediction is… User will continue as a major source of the breach in company settings; however, I believe that companies will switch over from trying to blame and shame the end user for a mistake, and they will adopt policies that make it easier to report breaches to the company and to everyone else. Instead of focusing on trying to prevent each and every attack, more focus will be on how to detect and then respond to an attack or breach.

GEORGE TATAR

George Tatar founded Akruto, Inc. in 2010 to help customers keep their private information safe and readily available wherever they go. Prior to founding Akruto, George managed teams of engineers at large companies and successful start-ups.

My 2018 cyber security prediction is… We’ll see a major switch from hacking computers to hacking smartphones. With each passing year, we significantly increase the amount of personal and business data we have on our smartphones. This leads to hackers changing their priorities and attacking smartphones and other mobile devices. Also, biometric authentication will continue to replace passwords. Successfully tested on millions of smartphones and accepted by millions, biometric authentication will most likely replace traditional passwords and tokens within the next few years.

LES MULTACK

Les Multack is president of HealthcareAlliancePartners.com, a strategic partner alliance for subject experts who provide services to healthcare providers. Les has been a system integrator, computer engineer and network support manager for over 30 years.

My 2018 cyber security prediction is… The trend for threats and vulnerabilities will continue to grow higher than 2017. This is because it’s easier to hack a computer system than to protect it. In the case of business, cyber security budgets don’t produce income. The corporate budget is increasing, but lagging behind the profit opportunities from hacking and ransomware. For hackers, ransomware is the new “black “. This is because ransomware is easy money and will continue to grow. Further, IoT and Mobile phone exploits will become the new financial risk to users and IT Support. This is because new technologies need to learn to be security hardened over time. New exploits will be found on these new devices and become rich target vectors for hackers and ransomware. At the latest Defcon, an exploit was found that potentially can compromise the hardware of over 1 million cell phones. This is likely to linger for a year or more.

CLICK TO TWEET: Top #CyberSecurity #Experts Speak: What are your predictions for 2018? @ITSecCentral http://ow.ly/ThEU30etup6