According to the latest research from Gartner, spending on information security services will reach $93 billion in 2018, an increase of eight per cent from 2017. Cybersecurity expert Simon Bain from BOHH Labs suggests that this increased investment will be required to address a number of critical challenges in the year ahead. This includes rising website attacks, chatbot technology threats and the need for greater cyber security awareness at board-level.
Bain discusses: “Addressing ongoing cyber security threats represents a challenge for any organization both practically and financially, and 2018 will unfortunately be no different. Looking ahead, there will be several notable issues that firms will need to strongly prepare for:
Company website attacks
“One of the type of attacks that we will see gain more traction in 2018 is the website attack. With the growing use of online services (checking accounts, merchant accounts and Point-of-Sale (POS) systems, etc. now going through the web) the risk of attacks is large and has the potential to affect any institution using these services, as it opens access to institutions’ backend databases, document stores and applications all within easy reach.
“This type of attack is very hard to find, but it is incredibly easy for attackers to undertake. Because an attacker can gain access to the website via high jacking a user’s request, and then by simply making a small change to the code to redirect payment information their way while not stopping the correct path of the request, it makes it easy for attackers to get access to critical data without alerting any red flags.
“Critically, the website is no longer just a marketing tool. It has become a business tool, and as such, it now needs to be properly protected from attacks and placed inside a firewall, and preferably completely encrypted, so that attackers are unable to change, manipulate and delete code to their advantage.
Growth and adoption of chatbot technology
“The growth in the business use of chatbots will continue to increase based on their interactive nature and their capabilities to complement existing call centre activities by taking away mundane tasks. However, with their interactive capabilities and the ability to use location services to reserve a table in your proximity and even order an item such as a coffee, it is becomingly increasingly important that all chatbot transports are secure. Similar to website data breaches, should intrusion attacks penetrate the chatbots, user trust will be lost as well as the possible loss of confidential data.
Cyber security awareness at a senior level
“We all know security breaches are a big deal, so why aren’t more board of directors versed in the area? As the oversight of an organisation’s value and growth, it’s critical for security to become a business priority and an integral part of their organisations’ daily operations. This means a companies’ cybersecurity activities must hold as much weight in decision-making in the same way as they do in the financial ones. As such, in 2018, we will see NASDAQ advise more security experts to join companies’ boards, so they can help companies navigate to better long-term performance and success.”
Bain concludes: “In addition to those noted above, other points of interest to impact the security landscape in 2018 will be the continued rise of blockchain technology, particularly its influence amongst financial services, the proliferation of IoT attacks, as well as the impending arrival of GDPR. Much like 2017, the year ahead will be challenging and it’s imperative that organisations make the right preparations by investing their security budgets wisely, to protect their businesses.”