Virtualization Technology News and Information
vArmour 2017 Predictions: Legislation, Security and Networking in 2017

VMblog Predictions 2017

Virtualization and Cloud executives share their predictions for 2017.  Read them in this 9th annual series exclusive.

Contributed by Executive Team Members, vArmour

Legislation, Security and Networking in 2017

One year after the next, security continues to prove itself to be of the utmost importance in the private, public and international markets. As such, from legislation to new deployment models, security is maturing and becoming a centerpiece of modern business. And it's not just for the benefit of large organizations, but also for customers, the government and consumers as a whole.

Here's how legislation, insurance, new technology and the world at large will affect and be affected by cybersecurity in 2017.

Tim Eades, CEO

Tim Eades 

  • Cybersecurity regulations will play an even more significant role in 2017. In the past few years, the cybersecurity space has undergone a huge transformation, from breach mania in 2013-2014 to rise of regulation from 2015 onward. As such, regulation is catching up, together with a heightened level of board scrutiny. In fact, several SEC rulings have established the board's culpability in cyber attacks.  The board, in turn, is and will continue to be increasingly concerned about cybersecurity from the brand and liability perspectives.
  • Security is, and will continue to be, more widely recognized as the ultimate differentiator and strategic component in the battle for the leadership position in modern data centers and cloud.
  • For endpoints, security measures need to master simplicity. Ease of deployment and intuitive management, in addition to the efficacy of the control, are necessary for success.
  • There will also be a growing realization that public cloud is more secure than corporate data centers. Cloud providers have better security mechanisms and constant paranoia to address security at scale in the face of digital transformation.

Mark Weatherford, chief cybersecurity strategist

Mark Weatherford 

  • At the highest level, the new 115th Congress that begins in January will be looking to make a big impact on combatting the growing security threat. There are over 25 bills in the current 114th Congress related to cybersecurity. Many of these bills will be resubmitted, but the overall number will look trivial by comparison at the end of 2017 as more legislators decide to get serious about addressing weaknesses in the nation's cybersecurity posture. This trend will also extend into state government legislatures.
  • Further, as security breaches continue and costs grow, corporate boards will be actively looking for cybersecurity professionals to either become members of the board, or advisors to the board. This may or may not be in response to legislative action such as Senate bill S.2410, also known as the Cybersecurity Disclosure Act of 2015, but will nonetheless be a significant trend in 2017.
  • Additionally, the number of companies taking advantage of cybersecurity insurance will continue to grow in response to increasingly unmanageable cyber threats. The underwriting market will be happy to respond and the due diligence requirements for underwriting will be a catalyst for greater spending on security products, including technology that automates the risk assessment process in real time.
  • Finally, IoT has changed the nature of DDoS and other cyberattacks. In the past, the cost and time needed to build a botnet were fairly significant. Today, the growing number of unmanaged IoT devices around the world has created an environment in which they can easily be compromised into vast IoT botnets. The upper limit on volume for a DDoS is practically gone and there isn't much defense against it. The year to come will include a growing number of DDoS attacks including against critical infrastructures that will impact society and perhaps even cause loss of life.

Eva Tsai, VP of marketing and business operations

Eva Tsai 

  • It's already happening but cyberespionage will become even more rampant. As a result, nation-state organizations will continue to strengthen both cyber defense and offense.  For defense, they will increasingly leverage machine learning and deception technologies to bolster incident response practices.  For offense, they will launch counterattacks to stay ahead of their nemesis or even adulterate the leaked content-weakening the credibility and softening the blow of any leak. For instance, targets like the U.S. may begin to launch counterattacks against Russia or other adversaries in order to alter any stolen data they may have already acquired before it's published on the dark web or WikiLeaks, so as to embarrass attackers and erode their credibility.
  • An increase in cyberattacks from all angles will also revert digital transformation, especially for the critical infrastructure sector where accuracy and reliability outrank agility (e.g. utilities, energy). We might see more systems in this sector being air-gapped from the internet and general digital connectivity as a result.


Published Wednesday, December 07, 2016 9:02 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2016>