A new year brings with it new challenges as well as new opportunities. 2018 is no different. For enterprise organizations, cybersecurity challenges will continue to be front and center as third-party vendors continue to be a doorway into the enterprise, hacking becomes even more mainstream as Billy in his parents’ basement has easy access to powerful tools (not to mention an ongoing rise in state-sponsored hacking), and healthcare data becomes even more and more attractive.
Below, we explore five trends we see having an impact on both enterprise organizations and technology vendors in 2018. For a deeper look and recommended actions for each trend, download the 2018 Cybersecurity Predictions for Enterprises whitepaper and the 2018 Cybersecurity Predictions for Technology Vendors whitepaper.
- Third-party breaches will continue to be on the rise: More and more hacks will come through third-party organizations, similar to the well-known Target breach that originated with a compromised credential that had been granted to one of its software vendors. According to a recent study by the Ponemon Institute, at least 56 percent of the respondents experienced a third-party data breach – up seven percent from 2016. As a matter of fact, 63 percent of all data breaches can be attributed to third-party vendors according to Trustwave.
- Hacking is going mainstream: The likelihood of an organization getting hacked will increase exponentially in 2018, especially as access to sophisticated hacking tools is easier and easier (imagine Billy in his parents’ basement). According to data from ID Theft Resource Center, the number of security breaches more than doubled (131%) between 2012 and 2016, and 2017 outpaced 2016. Additionally, institutionalized, state-sponsored hacking (think Russia, China, and North Korea) will continue to be a trend. Reuters recently wrote an article on North Korea’s cyber tactics, and a quick search on Google will bring up many articles and reports on state-sponsored hacking initiatives from China, Russia, and North Korea.
- Surface area for attacks is growing rapidly: Coupled with hacking going mainstream, the attack surface – or possible entry points – for software environments is increasing at a rapid rate due to the ongoing adoption of cloud-based services and the proliferation of devices connected to the Internet, such as printers, refrigerators, televisions, and mobile phones. Organizations will be required to manage and secure multiple entry points into a network.
- Healthcare data will be the new prize: While credit card data is still valuable and susceptible, one new prize for hackers is healthcare data. Anthem’s data breach in early 2017 shed light on the price premium for black market patient information. According to a recent Trustwave report, a healthcare record has a mean value of $250 on the black market, compared to just $5.40 for the next highest value record – a payment card. Businesses and healthcare/medical organizations made up the bulk of hacking targets in 2016, accounting for 45 percent and 34 percent of breaches respectively, with healthcare breaches specifically jumping 151 percent in the last 10 years. This trend will only continue to grow in 2018.
- Enterprises and vendors will debate breach liability: As data breaches continue to create costly interruptions, the argument over who should pay will escalate. According to a recent study from Ponemon, more than 55% of organizations surveyed didn’t know if a third-party’s policies would prevent a data breach. If not understood and handled properly, this could be a business-ending scenario for affected parties.
What can you do to be ready for these trends in 2018? If you manage multiple technology vendors that provide remote access support, download the 2018 Cybersecurity Predictions for Enterprises whitepaper. If you’re a technology vendor that provides remote IT support to many enterprise organizations, download the 2018 Cybersecurity Predictions for Technology Vendors whitepaper.
Our sole focus is secure third-party remote access. For highly regulated enterprise organizations, SecureLink Enterprise has pioneered a secure remote access platform. SecureLink for enterprise allows an organization to identify, control, and audit third-party vendors. For vendors, SecureLink is the gold standard remote access support platform because it is easy, efficient, and ensures compliance and reduces liability when supporting customers.