As terrible years go, 2016 was terrible for CIO's and CISO's everywhere as data breaches reached record levels. 2015 was no better and many were predicting 2016 to be worse but few could have predicted Yahoo's reporting a record data leak (on top of another mammoth data leak) or the effect hacking would have on the recent US election as the fallout of both events are sure to spill well into 2017.
There isn't, or at least there shouldn't be any CIO and CISO looking upon 2017 with a glass half full as all the problems that has made the last five years a living hell for CIO's and CISO still exist and in some cases, are almost certainly going to get worse.
A combination of low transaction costs in favor of hackers, cybersecurity talent shortages and the ever expanding amount of data collected by organizations in both the public and private sector were big reasons why 2016 was the year of the hack and why 2017 will almost certainly follow suit. All these problems are compounded by both companies and governments unwilling share information about breaches with each other which would help avoid the notable trend of enterprise level companies falling victim to the same exploits.
Hackers on the other hand frequently collaborate and share new malware and exploits which has contributed to why the market for stolen data and malware is arguably the most vibrant and dynamic market on the net. As long as this persists, we'll continue to see a steady stream of news stories that have come to define the year past.
2016 was trying for CIO's and CISO's but it was abysmal for cybersecurity as an industry as U.S officials openly talked about intervening. While it's not exactly clear whether governments can improve the level of cybersecurity, it's quite clear something has to be done as the industry is the picture of market failure. 2017 won't be any better as calls for the government to get involved will almost certainly get louder despite cybersecurity being a growth market in the face of record year on year spikes in data breaches.
In sum, CIO's and CISO's know the year ahead will look like the year past and are painfully aware of how little they can do about it as while they do everything in their power to secure their organization's IT infrastructure, they're fighting an enemy that has all the advantages and they know it. This is an indictment of the sorry state of cybersecurity as an industry and its inability to find solutions to combat attackers effectively and should it continue, the most dangerous thing you do all day will be switching on your computer.
No comments:
Post a Comment