Industry executives and experts share their predictions for 2018.  Read them in this 10th annual VMblog.com series exclusive.

Contributed by Ron Davidson, CTO of Skybox Security

The Year Cloud Security Begins to Mature

2017 will likely be remembered by its notable ransomware events NotPetya and WannaCry, which marked a wakeup call to a new age of cyberattacks that reach further into the ‘real world'. However, it's not just ransomware and the threat landscape that are undergoing an evolution. Widespread cloud adoption and increasing IT/OT convergence, among other digital transformation initiatives, are drastically changing networks and increasingly putting pressure on the security teams tasked with protecting them.

Considering how the cybersecurity industry is contending with one of the most capable threat landscapes, a new age of incredibly complex networks and a worldwide skills shortage, here are my top 5 predictions for 2018:

1.       Hybrid networks stretch attack surfaces even further

Though the networks of today have a combination of different technologies, processes and teams working to secure them, these divisions mean very little to attackers. They follow the path of least resistance to reach their target no matter if it means jumping from the corporate to production network, physical environments to the cloud. In 2018, we'll see attackers increasingly leverage hybrid network connectivity to infiltrate networks where fundamental cybersecurity measures have yet to reach their full potential, such as cloud and OT.

2.       No end in sight for OT attacks

Critical infrastructure organizations, including utilities, energy producers and manufacturers, as well as enterprises have been making considerable efforts in the last couple years to improve OT network security. That's likely because they're becoming a favorite target of attackers. Nation-state threats as well as cybercriminals have seen the advantage in targeting notoriously unsecure and vulnerable OT devices that can't afford to be taken offline. And because of their connection back to the corporate network, attackers are applying traditionally IT threats, such as ransomware, to OT. Both WannaCry and NotPetya, while ransomware on the surface, had enormous impacts on OT, bringing production lines to a halt, forcing hospitals to close and even disrupting nuclear radiation monitoring.

It's important to note that attacks like these offer just a glimpse of the risks present in the networks that communities around the world rely on daily. In 2018, we'll see this trend continue as attackers dive even further OT networks for financial gain, nation-state objectives or to simply to wreak havoc.

3.       Cloud security matures

Currently, most businesses are in a transition phase, with networks comprised of a hybrid of physical, virtual and multi-cloud environments. 2018 will be the tipping point when physical networks represent the minority of enterprise network infrastructure. With this in mind, it's crucial that organizations take the shared responsibility model of the cloud to heart and bring security management expectations of the cloud in line with that of physical networks.

To meet this expectation, organizations will need to turn to intelligently automated solutions to match the agility and elasticity of the cloud. 2018 will likely see an uptick in automation that can better support virtualized environments.

4.       The distributed attack model thrives

Though NotPetya may have seemed like a poor iteration of ransomware to many, it demonstrated, along with WannaCry, the distributed attack model on which modern ransomware relies. It targets as many victims possible, looking for low-hanging fruit, so attacks can be carried out easily and automatically, maximizing the attacker's ROI. Ransomware is a perfect fit for this model, in that any target an attacker can make unusable - through encryption or locking out actual users - can provide the means for extortion. Now that distributed ransomware attacks have proven global-reach capabilities, we're sure to see more mass-scale attacks in 2018.

5.       Complex networks pressure security to go automated

As previously mentioned, the level of complexity characterizing today's networks means that IT security teams are battling a constant stream of data that must be contextualized, analyzed and acted upon. On top of that, the cybersecurity skills shortage plaguing the industry has led to fewer skilled workers available to implement the right solutions and manage the mounting issues at hand. This "perfect storm" is effectively creating an environment full of attack vectors, where organizations could be more vulnerable than ever.

In 2018, we expect a surge in adoption of automated solutions, particularly for integrated analytical workflows, with the ability to deliver actionable intelligence to security practitioners.

##

About the Author

As CTO of Skybox Security, Ron Davidson brings nearly three decades of experience to lead R&D and the Skybox Research Lab. His previous role was at Cisco, where he served as senior director of security research and analytics for the company's video security business. Early in his career, Davidson belonged to the renowned IDF Unit 8200, called by Forbes investigative journalist Richard Behar "Israel's secret startup machine" for cybersecurity companies.