2016 IT Security Predictions

By: David Gibson, VP of strategy and market development at Varonis

1. The U.S. Presidential campaign will be affected by a cyber attack.   

Hillary Clinton’s private email server has already brought cybersecurity into the U.S. Presidential race. In 2016, a cyberattack will strike the campaign, causing a major data breach that will expose donors’ personal identities, credit card numbers and previously private political preferences. Imagine being a donor with an assumption of anonymity. Or a candidate whose “ground game” depends on big data analytics about voter demographics and factors affecting turnout – data that turns from an asset to a liability if it isn’t protected. The breach will affect the campaign not only as a setback for the unfortunate candidate or party affected, but by bringing the issue of cybersecurity prominently into the campaign as a major issue that is closely related to geopolitical threats such as the spread of terrorism. Campaign data is a gold mine for hackers (donor lists, strategies, demographics, sentiment, opposition research), and an event like this will serve as another wake-up call to the U.S. government that cybersecurity needs to be a continual, central focus and investment at the highest levels. The candidate who demonstrates knowledge and command of cybersecurity threats and government readiness will win the election.  

2. The frequency of public data breaches will increase substantially.

The Identity Theft Resource Center (ITRC) reports a total of 641 data breaches recorded publicly in 2015 through November 3. Most organisations know this number represents the tip of the iceberg. The frequency of known data breaches will increase in 2016, due not only to increasing privacy and breach disclosure laws but also the increasing failure of traditional perimeter-focused security investments to protect valuable data. Employees’ use of mobile devices and companies’ migration of IT workloads to the cloud will also contribute to a sharp rise in breaches. Over time, this should help to shift priorities toward investing in more proactive data-centric protection, but it’s likely things will become worse before they get better.

3. End-user education and monitoring will become the focal point of data security efforts.

Insiders are the new malware. Executives and IT professionals are becoming as afraid of their own employees – as innocent vessels for outside attackers with dangerous levels of access to sensitive data – as they are of outside attackers. Companies will turn to the importance of end-user education in 2016 as they realise that, no matter how intensely they invest in security, they hit a dead end if their users don’t drive by the rules of the road. They need to be involved in the security processes, observe classification and disposition policies (that need to be defined) and know to stop clicking on phishing emails. Employees are crucial to the security process, and have more power in controlling it than they realise. You can’t patch users but you can educate them. You can also monitor and analyse how they use data to spot unwanted attacks.

4. At least five more C-level executives will be fired because of a data breach.

In recent years we have seen the careers of several top executives suffer in the wake of cyberattacks. Target CEO Gregg Steinhafel and CIO Beth Jacob, U.S. Office of Personnel Management Director Katherine Archuleta, Sony Pictures’ Amy Pascal and others were either fired or forced to resign after massive data leaks cost their organizations money, customers and credibility. This will accelerate in 2016.  Blame for data breaches is shifting from IT to the C-suite. Data impacts every facet of an organisation. If management is not investing in and focusing heavily on securing data and its use, it is now understood that they are putting the entire company and its stakeholders at risk.

5. Increasing false positives in data security bring to light the need for limited, accurate information.

Organisations will get much more serious about how much data they collect and their deletion efforts. When Target suffered its massive breach during the 2013 holiday season, the alerting capabilities of its IT team had generated months of warnings.  Still, no one caught it. This remains a common problem today. Why? The plethora of security tools installed in most companies overwhelms IT security. Their teams are strapped and the amount of false positives generated by exponentially growing volumes of information cause these teams to miss crucial vulnerabilities. In 2016, smart IT teams will focus on signal-to-noise ratio improvements in the analysis and alerting solutions they deploy.