A Few Cybersecurity Predictions for 2016
I’m a bit reluctant to blog about 2016 cybersecurity predictions as it seems like everyone is getting into this act. Alas, this end-of-year tradition used to be the exclusive domain of the analyst community and a few industry beacons but now it seems like every security tools vendor in the world is reaching out to me to tell me what they see in their crystal ball. So with some hesitancy, here are a few of the things I expect to see after the proverbial ball drops (in no particular order):1. Greater focus on cyber supply chain security. Enterprise CISOs realize that strong cybersecurity extends beyond the corporate LAN and that cyber-attacks and data breaches could easily start with third parties with access to the network. The OPM and Target breaches are two examples where cyber-adversaries simply compromised trusted business partners and used them as a beachhead to penetrate their targets. At the same time, we’ve seen in increase in malware hiding in firmware, system BIOS, device drivers, etc., so servers, routers, storage devices, and network appliances could all introduce malicious code into an otherwise pristine environment. I expect CISOs to extend Continue reading