Top 15 security predictions for 2016

Experts and analysts take their best guesses on what form cybersecurity will take in 2016.

In putting a security spin on the holiday song, “It’s the most predictive time of the year.”

Not that those in the industry – even the best informed – have an infallible crystal ball. It’s that being effective in an ever-more-rapidly evolving threat environment means looking ahead. An accurate prediction can help an organization protect itself better. A wrong one can mean less ability to prevent or respond effectively to a breach that can damage reputation, the bottom line and more.

So, here are some best guesses about 2016 from more than a dozen vendors and analysts. (For an expanded version of the 2016 predictions, watch CSO's slideshow.)

IoT for ransom

(ThetaRay/Palerra/Blue Coat/LastPass) The Internet of Things will become an ever more fertile attack surface for governments, mercenaries, hacktivists and even terrorists. Many IoT devices lack significant memory space or OS capability, so treating them like endpoint agents will fail.

Ransomware will gain ground on banking Trojans and extend into smart devices like coffee makers, refrigerators, baby monitors, cars, wearables and medical devices, often owned by wealthier and therefore more lucrative targets. Most wearables, which collect personal information, lack even basic security features.

[ ALSO ON CSO: More predictions for the security space for 2016 ]

This will increase the threat of a massive collision among connected cars; stolen personal information about users’ home electrical and water usage; and attackers locking medical devices until a ransom is paid.

Your card is safer. You aren’t

(Javelin) Card-Not-Present (CNP) fraud will grow from $10 billion in 2014 to more than $19 billion in 2018. The increasing adoption of EMV cards and digital wallet solutions, such as Apple Pay and Google Wallet, will reduce point-of-sale system fraud and counterfeit credit cards. Unfortunately, that will push more fraudsters online to monetize fake and stolen credit cards.


(RSAC Advisory Board/Kaspersky/ThreatStream) DOXing – public shaming and extortion attacks – which rose in 2015, will spike exponentially in 2016, as everyone from hacktivists to nation states embraces the strategic dumping of private pictures, information, customer lists, and code to shame their targets. It will go well beyond Charlie Sheen having to admit his HIV status – cyber criminals know they can use the data for extortion, which will lead to some websites to be breached for the sole purpose of mass personalized extortion schemes. Call it “weaponizing” data.

At your criminal service

(Kaspersky/Seculert) The profitability of cyber-attacks means sophisticated criminal gangs with modern organizational models and tools will replace common cyber criminals as the primary threat. That, in turn, will draw mercenaries to meet the demand for new malware and even entire operations. The latter gives rise to Access-as-a-Service, offering up access to already hacked targets to the highest bidder.

Ghosts of Internet Past

(Raytheon|Websense) The structure of the Internet is aging – forgotten and deferred maintenance will become a major, increasingly expensive problem for defenders. Among them: Alexa 1000 certificates not up to date; old and broken JavaScript versions that invite compromise; rapid OS updates and new trends in software end-of-life processes that cause havoc and new applications built on recycled code with old vulnerabilities (think Heartbleed and POODLE).

Malicious e-commerce goes social

(DataVisor) Many traditional social networking sites such as Pinterest, Facebook and Twitter have announced plans to add “buy” buttons to their platforms in an effort to increase stickiness with their users and help monetize their user base. This will attract criminals looking to conduct fraudulent transactions on these platforms.

Passwords pass away

(Identity Automation) "No password" authentication methods will no longer be a pipe dream. Organizations will begin offering authentication methods that are a quicker and more seamless experience for users than passwords. They will include biometric, geolocation, Bluetooth proximity and pictographs.

The power of prediction

(Seculert) Prediction will emerge as the new Holy Grail of security. Prevention is passé, and even detection technologies will be supplanted by prediction, with machine learning becoming a key tool to help organizations anticipate where hackers will strike. 

Cloud Wars

(DataVisor/Blue Coat) As more organizations store their most valuable data in the cloud (customer and employee data, intellectual property etc.), the bad guys will find a way to gain access to this data, using computation infrastructure, which allows them to hide easily behind legitimate network sources and thus remain anonymous.

Hackers will use credentials to cloud services as a major attack vector. Social engineering tactics will focus on mimicking cloud login screens to gain credentials.

Crime piggybacks politics

(Raytheon|Websense) The U.S. elections will drive significant themed attacks. Attackers will use the attention given to political campaigns, platforms and candidates, as an opportunity to tailor social engineering lures. Others will focus on hacktivism, targeting candidates and social media platforms.

Getting physical

(Seculert/Imperva/DomainTools/ThreatStream) 2016 will witness the world’s first openly declared cyberwar, where the primary goals of the attackers – hacktivists, nation states or terrorists – are not financial but to cause physical damage in support of terrorist or geopolitical agendas. That will put infrastructure, priceless artifacts and more at risk. Transnational terrorist groups such as ISIS will attempt to attack a SCADA system or critical infrastructure with the goal of inflicting either economic damage or mass casualties. 

Smaller won’t be safer

(AT&T) Hackers will no longer target just large organizations, as they can get equally valuable information in other places through analytics on the data they are collecting and combine data to make it more valuable. That means smaller organizations are more likely targets.

Cybercrime goes even more global

(Blue Coat) Smaller, developing countries that weren’t big on cybercrime want in. It doesn’t take a big military to cause big damage. Some – like Nigeria – are already entering the fray with more sophisticated attacks. Conflicts throughout the world will bring with them hardware-connected attacks.

Divide and conquer the juncture

(Kaspersky) The appearance of a balkanized Internet, divided by countries, which would make any region vulnerable to attacks on the service junctures that provide access across different boundaries. Such a landscape could lead to a black market for connectivity.

Get thee an MSSP

(Blue Coat) The failure of organizations and countries to build up cyber talent will become a huge problem. Demand for information security professionals is expected to grow by 53 percent through 2018. Because of this, security jobs will be filled by MSSPs, and the cost will not decrease.

Join the CSO newsletter!

Error: Please check your email address.

More about AppleCSOFacebookGoogleImpervaJavelinKasperskyTwitterWebsense

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place