Looking back at our 8 Scary Security Predictions for 2016 what’s really frightening is how accurate they were! It’s time to start a side business in fortune telling…  maybe there’s a certificate for that.

Here’s a quick recap of our 2016 predictions and what actually unfolded:

  • Back Doors Open in Corporate Encryption – now Congress feels that strong non-backdoor encryption is important, but Feds should be able to crack it 
  • National Privacy Laws Weaken (Again) – And they did – the FBI got more hacking powers but on the up side in early 2017 we will get a letter from the U.S. intelligence agencies on domestic surveillance.
  • No More Safe Harbor (for Good) – Safe Harbor was replaced by Privacy Shield and will be superseded by GDPR on 25 May 2018 after a two-year transition period… Intended to strengthen and unify data protection for individuals within the European Union (EU), it’s time to review the new requirements.
  • Mass Internet Surveillance Goes Global – And it did… We saw the U.S. Intel surveillance on Yahoo, Brits passing the Snooper Law
  • Sophisticated Malware / 0 day Attacks = More Breaches – Adobe Flash took the cake again this year; time for it to die already! This was also the year of ransomware, with hospitals getting hit especially hard; interestingly 0 days were not the most used attack vector – phishing was (humans create risk again)
  • Spending on Data Breaches & Cyber Threats Continues Unabated – Business as usual – some of the big breaches of 2016 were – IRS, DHS, Seagate, LinkedIn, 21st Century Oncology, Verizon Enterprise Services, Dropbox, Yahoo, San Francisco MTA and others.
  • Dawn of the (IoT) Zombie Army – If only this had been delayed a few more years, but Mirai did it. First the attack on KrebsOnSecurity (620Gpbs), then OVH (1Tbps with 150K devices) and then the DynDNS attack (a recordbreaking 1.1Tbps) that took out sites like Github, Twitter, SaneBox, Reddit, AirBnB, and Heroku.
  • Qualified CyberSecurity Professionals Will Still Be Hard to Find – it was hard and it will be; the gap of cybersecurity professionals remains wide and shows no signs of closing.

In the coming days look for 2017 predictions – the New Year promises to bring more of the same.