NEW YORK (Jan. 5, 2017) –Stroz Friedberg, an Aon company, predicts that 2017 will usher in intensified cyber attacks, new regulations and a shift in how businesses approach cyber risk management. Top threats this year include nation state cyber espionage, a rise in data integrity attacks and an increase in attacks harnessing Internet of Things (IoT) devices.
With cybersecurity firmly entrenched as one of the most consequential issues impacting international security, politics, economic stability and transactional crime, an understanding of existing and emerging cyber risks is more relevant than ever before. Stroz Friedberg’s predictions outline the top cybersecurity threats facing businesses and provide recommendations on how organizations can increase their resilience in the face of these threats.
“In 2016 we witnessed everything from cyber attacks influencing public opinion to hacked IoT devices and the introduction of new cybersecurity regulations. This year we’ll see an intensification of these threats, along with new challenges and a blurring of lines between the actions and responsibilities of the state, markets, businesses and civil society,” said Ed Stroz, Co-President and Co-Founder of Stroz Friedberg. “The flood of fake news and nation state-backed attacks in this past year’s election are just a sign of things to come, as attackers find new ways to seek faster and wider access to data and exploit sensitive information.”
The predictions highlighted in the report include:
- Criminals harness IoT devices as botnets to attack infrastructure: In 2017 Stroz Friedberg predicts there will be an increase in IoT devices compromised, harnessed as botnets, and used as launching points for malware propagation, SPAM, DDoS attacks and anonymizing malicious activities.
- Nation state cyber espionage and information war influences global and political policy: Cyber espionage will continue to influence global politics and will spread to the upcoming elections in Latin America and Europe. Russia, China, Iran, and North Korea will remain regions of great concern in 2017, as they continue to develop deep pools of cyber-crime talent.
- Data integrity attacks rise: Data sabotage as the next big threat will become a reality in 2017. Criminals will seek to sow confusion and doubt over the accuracy and reliability of information, impairing decision-making across the private and public sector.
- Spear-phishing and social engineering tactics become craftier, more targeted and more advanced: As organizations continue to leverage evolving technologies, including the cloud and IoT, and in parallel shore up perimeter defenses to raise the bar of network security, criminals will increase their focus on the human element as an entry point. In 2017, advanced social engineering tactics will become more targeted, cunning, and more effective, exploiting the weakest link – employees – that organizations always find challenging to safeguard.
- Regulatory pressures make red teaming the global gold standard with cybersecurity talent development recognized as a key challenge: Increased pressure from regulators worldwide will push in-house red teaming capabilities to accelerate in 2017. In addition, companies that are not in the cyber business will face a different challenge: recruiting, motivating, and retaining highly technical cyber talent to keep their red teams at the forefront of cybersecurity. This push will likely first occur in financial hubs such as Hong Kong, Singapore, the EU, and even the U.S.
- Industry first-movers embrace pre-M&A cybersecurity due diligence: The financial services industry and other regulated sectors will be early-adopters of making cybersecurity due diligence a critical part of the pre-M&A due diligence process, learning from high profile transactions that were derailed in 2016, following the exposure of cyber vulnerabilities.
The report also scores Stroz Friedberg’s 2016 predictions, which correctly predicted events such as cyber threats influencing the U.S. presidential election and security incidents with IoT devices shifting dialogue from functionality to security.
About Stroz Friedberg
Stroz Friedberg, an Aon company, is a specialized risk management firm built to help clients solve the complex challenges prevalent in today’s digital, connected, and regulated business world. A global leader in the fields of cybersecurity, with leading experts in digital forensics, incident response, and security science; investigation; eDiscovery; and due diligence, Stroz Friedberg works to maximize the health of an organization, ensuring its longevity, protection, and resilience. Founded in 2000 and acquired by Aon in 2016, Stroz Friedberg has thirteen offices across nine U.S. cities, London, Zurich, Dubai, and Hong Kong, Stroz Friedberg serves Fortune 100 companies, 80% of the AmLaw 100, and the Top 20 UK law firms. Learn more at https://www.strozfriedberg.com/.
Stroz Friedberg Media Contact:
Carolyn Vadino
Communications Leader
cvadino@strozfriedberg.com
+1.917.402.5455
Access international media contacts, the full library of Aon media releases, and a media kit with fact sheet and executive bios, via links below.