Looking back, 2017 was a challenging year for security-conscious small and midsized businesses (SMBs).
From massive breaches to disruptive ransomware outbreaks fueled by vulnerabilities that leaked out the U.S. National Security Agency, the cybersecurity landscape this year was notable in the uncertainty it created for small business owners.
What about 2018?
Here are five trends that experts say will have a big impact on the cybersecurity landscape in the new year.
Fake News Is Coming to a Company Near You
There's a reason "fake news" was named the Collins Dictionary Word of the Year. Beyond politics, a growing number of businesses will be targeted by computational propaganda, usually in conjunction with other forms of fraud.
"Just ask Los Angeles-based Pure Daily Care, which reports losing $400,000 after a rival allegedly cloned its marketing pitch and tricked customers into posting poor Amazon reviews. While small companies will be low-hanging fruit, large companies could soon be in fraudsters' crosshairs."
- Vanita Pandey, vice president product marketing at ThreatMetrix
AI Security Vendors Will Need to Shift from Technology to Results
Artificial intelligence was being infused into practically every security solution in 2017, it seemed. In 2018, vendors will need to prove that it makes a difference.
"Vendors touting AI will finally realize that customers want to see results and not just flashy marketing. Companies selling AI-powered products will need to find a way to start showing results in a quantifiable way, and not simply pitch their solution, and those that do this will be leaders in the industry."
- PJ Kirner, co-founder and CTO of Illumio
Container Service Security Takes Center Stage
Many technology startups are using application containers to pump out software innovations at an alarming rate. The industry is embracing containers, and in 2018, so will attackers.
"There haven’t been many of these types of attacks with public attention. However, many cloud-based services (such as AWS and Azure, for example) now offer container services (such as the ability to upload a Docker container of your application) in lieu of setting up an entire machine or technology stack.
"There are various configuration flaws and development bugs that may be overlooked in engineering these solutions. Mature cybersecurity programs will investigate these and release what they can to the public while others will deploy vulnerable systems — this space will be a growing attack surface where we will also see a number of new security controls."
- Neil Weitzel, Cygilant's Director of Security Research
Identity Thieves Bide Their Time
The Equifax breach of 2017 was only the tip of the iceberg.
"ID theft has reached near epidemic proportions in the US. The Equifax breach will accelerate this. It won't be evident until 2018 draws to an end and the 12-month free protection offered by Equifax also draws to an end. Fraudsters in a sense are waiting for the dust to settle."
- Paul Lipman, CEO of BullGuard
2018 is the Year of Simple, Inexpensive Multi-Factor Authentication (MFA) for SMBs
Here's one bright spot for SMBs:
"Most security experts agree that MFA — which involves at least two factors to authenticate users — is the most secure authentication option. Unfortunately, effective MFA solutions have remained largely out of reach for the average small- and medium-sized business. Though enterprise multi-factor technology is quite mature, it often required complex on-premises solutions and expensive hardware tokens that most small businesses couldn’t afford or manage.
"However, the growth of SaaS and smartphones has introduced new multi-factor solutions that are inexpensive and easy for small businesses to use. Next year, many SMBs will adopt these new MFA solutions to secure their more privileged accounts and users. 2018 will be the year of MFA for SMBs."
- Corey Nachreiner, CTO of WatchGuard Technologies