On the heels of the net neutrality debate, we'll hear a more fundamental discussion about the risk of the Internet as a platform for encouragement of hate/extremism terrorism and the role of government and private companies in countering the extremist narrative through voluntary and “proactive” management of social media.
2. John Grimm, chief strategist for cloud and IoT security, Thales eSecurity
We will continue to see product manufacturers, particularly on the consumer side, with either no security or very poorly implemented security. Consumer awareness of security issues around the IoT will start to increase, but probably not enough to impact their buying behavior. Consumers are interested in the features and cost of the products, and security isn't going to stop them buying products just yet, but we will see early signs.
3. Mark Gazit, CEO, ThetaRay
Across the board, more criminals will use AI and machine learning to conduct their crimes. Ransomware will be automatic, bank theft will be conducted by organized gangs using machine learning to conduct their attacks in more intelligent ways, and smaller groups of criminals will be able to cause greater damage by using these new technologies to breach companies and steal data.
4. Ken Spinner, VP of Field Engineering, Varonis
You've Got Mail: Buckle up for a Wild Political Season
All 435 seats in the House and a third of the seats in the Senate will be up for grabs in November 2018. With so much at stake, expect a series of revealing leaks affecting candidates in key congressional districts. At least one candidate will drop out of the race based on the contents of old emails. Multiple incumbents will also be forced out of office.
5. Ebba Blitz, CEO, AlertSec
IT security will be an increased focus for leadership. Equifax put a spotlight on the issue. The Chairman and CEO must pay attention to their company's IT security. Ultimately, they are responsible for negligence. This realization and focus will impact every department head in an organization. Companies will come to realize they simply cannot work in silos.
6. Ryan Barrett, vice president of security and privacy, Intermedia
Simplifying and securing the unlock feature
One of the daily grinds for corporate users, is unlocking their desktops many times throughout the day, entering their password over and over. Expect a major tech giant to simplify RFID and introduce device readers to streamline the act of unlocking corporate laptops or workstations with consumer mobile devices. Typing in a password will never stop being a burden and 2FA is only just now becoming normalized - so it's only a matter of time your computer will recognize you and unlock for you as you approach it.
7. Joseph Carson, chief security scientist, Thycotic
“Ransomware will evolve to cross platform and payments will be single click. Ransomware is going to be platform agnostic and can lock people out of any device or system. The financial payment for ransomware is going to evolve significantly so that it will be as easy as clicking once to pay the ransomware. It will target time sensitive systems and events, so watch out if you are taking part in the World Cup next year as cyber-crime will always be looking for major events to trick and take advantage of people wanting to get access to their favorite sport or concerts.
8. Dan Lohrmann, chief security officer, Security Mentor
“Industrial Control System (ICS)-specific malware will surface that goes well beyond Windows-based vulnerabilities currently affecting companies that operate critical infrastructures. ICS technologies include, supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLC), programmable automation controllers (PAC), remote terminal units (RTU), intelligent electronic devices (IED) and other sensors. Targeted malware will be written against many of these specific systems. At least one well-known utility will be hacked – impacting customer service delivery.”
9. John K. Adams, CEO, Waratek
“2018 will be the year of virtual patching and the year that improving patch cycles for enterprise applications becomes a priority. The ability to rapidly apply a patch that functions like a physical patch without taking the vulnerable app out of production or making any code changes – must be an evaluation (and ultimately, deployment) priority in 2018.
10. PJ Kirner, co-founder and CTO, Illumio
Our exposed PII will come back to bite us: Our Identity is no longer ours. Personally Identifiable Information (PII) is no longer valid - since so much of it has been exposed in breaches over recent years. Everyone needs to acknowledge that they have been breached and are vulnerable, and that attackers have more of our personal information than ever before.