1. Increasing automated attacks

Launching Ransomware or DDoS attacks is now a commodity activity. Provided you know where to procure such toolkits on the Internet, these attacks can be undertaken by anyone at very little cost.  As a result, 2018 will see an increase in widespread automated non-targeted attacks. 

2. More intense compliance surveillance (GDPR)

The General Data Protection Regulation comes into effect in May in Europe and will impact all organizations doing business with European citizens. The new law has placed data protection and security firmly on the agenda of all corporate boards. This year will see a continued increase in scrutiny of data protection with third parties. Other laws, such as the Payment Services Directive (PSD2), will also increase demand for compliance surveillance.

3. Reigning in IoT 

The Internet of Things is everywhere, from our home security systems to our refrigerators, and its influence is spreading. We’re living in a world that relies increasingly on the Internet to function, which means security is vital. 

From a security perspective, there’s a serious absence of common security practice in the development of these products. Enterprises will become more selective in the type of IoT devices they allow into their organizations, and a more formalized approach to approving IoT devices in the enterprise will become commonplace. We’ll see vendors start selecting their target market from low-grade consumer devices to enterprise-grade offerings. 

4. Cloud incidents

Application attacks, perimeter-less network risks and mobile workforces will all contribute to more security incidents in 2018. As in 2017, more organizations will experience a cloud storage incident, such as accidentally leaving private data exposed to the Internet. The proliferation of other web-based services, and the fact that workers are more mobile, will cause an increase in application-based security incidents. Enteprise security training in relation to cloud services needs to be a priority. 

5. The defender’s modus operandi

How organizations prepare for and respond to breaches will change. As the likelihood of experiencing an incident grows, organizations will realize that their response to a breach cannot be left to chance. At a broader level, there will be an increase in machine learning and Artificial Intelligence to help security responders focus their attention in key areas. Given the worldwide skills shortage of security workers, existing personnel will crave tools that will assist with improving efficiency. IDC estimate that the security solution spending will continue to be the fastest category of IT spending reaching $105 billion by 2020.