Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

THE FUTURE OF CYBER SECURITY

Information security is a perennially hot topic, but as 2016 kicks off, many organisations look to take stock over the past year and consider what the coming months may have in store.

Breaches of information security have certainly maintained their notoriety, hitting the headlines regularly in 2015, with major breaches hitting companies such as TalkTalk and Vtech.

Below are some expert, thought provoking, security-related predictions from the team at Rapid7, with everyone from Rapid7’s CEO & President, Corey Thomas, to the company’s Global Security Strategist, Trey Ford, weighing in, offering insights around what they think lies ahead for 2016.

Tod Beardsley, Security Research Manager at Rapid7

“I believe, and fervently hope, that the security issues dogging the Internet of Things will reach a critical level of both awareness and accountability. Given the growing coverage in mainstream media outlets about the state of security with IoT, I expect to see vendors of IoT devices take on real responsibility for the security of their devices. We in the security industry all know that hacking IoT devices is like dropping back ten years, and I believe that the mass consumer market will drive creative and realistic solutions to the problems of old software, old build processes, and the fractured patch pipeline.”

Rebekah Brown, Threat Intelligence Lead at Rapid7

We will continue to break free from the echo chamber. We are already seeing this with security researchers spending more time talking to law makers and infosec professionals actively reaching out to engage with non-security sector organisations. This trend will (hopefully) continue into 2016 and will help break down the communication barrier that continues to plague us as an industry.”

Jen Ellis, Vice President of Community and Public Affairs at Rapid7

“We’ll see the massive focus on cybersecurity in the policy sphere continue, and perhaps even increase, with organisational and system changes made to reflect this prioritisation.  With this continued emphasis on cybersecurity in the Government, I hope we’ll see the level of engagement between policy makers and the security community increase, and I hope we’ll see it drive positive outcomes.  However, I am concerned that we’re likely to see some pretty scary legislation being proposed – we’ve already seen a bill that would prohibit independent security research on cars.  It’s on us to educate legislators about the potential fallout of these efforts. I hope we’ll see the security community take a more collaborative, thoughtful, and productive approach to engaging policy makers, so we can avoid legislation that hinders security, rather than helping it.”

Trey Ford, Global Security Strategist at Rapid7

“Come see the softer side of security.

My prediction is probably aspirational: I am hopeful we’ll see more transparency in incident and breach communications. The public isn’t afraid of “yet another breach,” they’re afraid the organisations they have a relationship with will violate their trust. In our series on VERIS, we’ve talked about the questions the public wants to see answered: who took what action, against what systems or information, with what impact, when, and what is being done about it?

Security will continue the shift of focusing more on trust than compliance.”

Guillaume Ross, Senior Security Consultant at Rapid7

“Privacy and security will become more of a concern for consumers in 2016, and perhaps a slight marketing advantage for hardware and software vendors, though it will not become the main criteria for most people choosing a device such as a smartphone or an operating system.

As we are talking about things that will probably not happen, let’s get those un-predictions out of the way:

  • The Internet will not get DDoSed by a botnet of fridges and toasters, though a few will certainly take hold.
  • The Internet will not get DDoSed by a botnet of smartphones, as they will run out of power after an hour.
  • Information Security jobs will not be filled rapidly, as companies will still be struggling to find staff, preferring managed services in many cases, where appropriate.
  • No, not everyone will be done patching Heartbleed, and no, the amount of services exposed to the Internet at the end of 2016, including SCADA systems, will not be lower than the amount of services exposed at the end of 2015.”

Corey Thomas, President and CEO at Rapid7

“We’ll see a greater gap between the well-managed and the poorly-managed, our security version of income inequality.  The poorly-managed will continue to ignore, pay lip service, and rely mostly on controls.  The well-managed will recruit teams directly or through partnerships and build effective programs.”