This is the first in our series of cybersecurity predictions for 2016. Stay tuned for more through the end of the year.
Marketing and advertising technologies have always been at the forefront of finding new ways to identify and track data, and security threats are never far behind. So, with 2016 looming, there’s no better time to look at Forbes’ “The Top 7 Online Marketing Trends That Will Dominate 2016” and the resulting security implications. Forbes’ list is as follows:
- Video ads will start dominating.
- App indexing will lead to an explosion of apps.
- Mobile will completely dominate desktop.
- Digital assistants will lead to a new kind of optimization.
- Virtual reality will emerge.
- Wearable technology and the Internet of Things (IoT) will pave new ground.
- Advertising will become more expensive.
One thing is for sure: some of these trends open new avenues for cybercriminals. Three key trends that stand out as potential security issues are: the explosion of apps as a replacement for regular websites, the emergence of virtual reality, and the expansion of wearable technology. Let’s take a closer look at just how each of these three trends could impact web-based attacks in 2016.
Explosion of apps
There are already apps for everything from accounting to web posting, with more popping up every day. The fact that most apps can do exactly what websites can do – and in many cases better – will lead to a volume challenge, considering how the sheer number of apps can potentially degrade security and be open to exploitation.
Emergence of virtual reality
A new phenomenon, with little regulation and standardization, virtual reality opens the door to new, never-before-experienced cyberattacks. Virtual reality platforms will connect to the web or web-based apps, again resulting in a broader base to launch cyberattacks for cybercriminals.
Expansion of wearable technology
The Internet of Things (IoT) is moving beyond its infancy. Many wearable gadgets offer access to the web and very little control for secure access. Yet, most devices will somehow connect to a larger corporate network. This provides cybercriminals with the benefit of a lower barrier to entry into any connected organization.
While all of these changes are important, I do not expect to see a major shift in web-based attacks during 2016. Instead, we will see an adjustment in the behavior of cybercriminals and their use of the cyberattack lifecycle, mainly in how they infiltrate companies.
It’s hugely important for companies to deploy good application identification capabilities within a security platform that offers a holistic and comprehensive approach to security, with web security providing a part of the overall protection. Focusing on web security alone will not be sufficient. Securing an enterprise or government means architecting security to both detect and prevent known and unknown attacks while safely enabling applications.