Skip to main content

3 predictions for cybersecurity in 2017

Cybersecurity, the Internet of Things, driverless cars, artificial intelligence — these topics were hot in 2016, and interest in them should continue strong in 2017. However, the discussions will take new turns. Where will they go? I predict that three particular trends will gain real momentum and re-shape the cyber landscape in 2017.

1: How safe are our 'smart' devices?

Anxiety about our machines turning on us is already running hot, as you can tell from the popularity of shows such as Westworld and Humans. In light of the recent Dyn attack, questions have been raised about the security of IoT devices. As more seemingly harmless domestic gadgets become ‘smart’, I predict that 2017 is likely to be the year we see a compromised IoT set-up put businesses at risk.  

In my recent blog, “Real talk: The imminent and very real danger of IoT,” I wrote:

"Due to lack of security features, creating an IoT botnet is a great deal easier than phishing users to compromise PCs. Given the ease with which IoT devices can be hacked, we can expect more attacks to follow. Mirai, Japanese for ‘future,’ has given us a view into the future through these attacks, which include data breaches and ransomware attacks through compromised IoT devices."

It should be no surprise to hear that IoT devices can be easily hacked. There is a serious lack of security features in the code developed for IoT devices and, unfortunately, this means that creating an IoT botnet is now easier for criminals than phishing users to compromise their devices in traditional ways. I predict we will see more fraudsters turn to this new way of gathering valuable consumer and business data next year.  

No one can foresee exactly which IoT category will be the next to be compromised. However, some devices raise more red flags than others — driverless cars, for instance. The risk a hacked car poses to human life is far too high to be ignored. Most people are swept away by the shiny exterior, and very few give thought to downstream security considerations, but it is important that we question the quality and security of the code inside that fancy new red car. 

Most consumers are swept away by the shiny red exterior and unaware of downstream security considerations. Many may turn to un-connected cars; for me, that could be a nice air-cooled Porsche circa 1973.

2: Data breaches: Lax cyber security? You’re about to be found out

Cybersecurity remains a top concern for the C-suite across all industries. High-profile cyberattacks have made headlines throughout 2016, and 2017 is likely to be the year we all do our best to tighten the security of our organisations.  

One way to ensure you know where to invest the most resources is to test the security of your entire network. This is why we recently launched the FICO Enterprise Security Score (ESS). Just as consumers are scored for their credit history, helping banks assess borrowers’ risk levels, businesses can now measure the likelihood of a data breach in the organisation.  

According to the Risk and Insurance Management Society, 80 per cent of companies bought a stand-alone cybersecurity insurance policy in 2016. The ESS brings companies’ security posture to the forefront for partners, enterprises, and insurers, and it is useful for assessing risk in the underwriting process for cybersecurity insurance. Although it is a growth product that CFO magazine calls a “must have”, underwriting for cyber-risk is undeniably challenging, so we predict that we will see big advances in how the ESS is adopted as an enterprise risk assessment tool. 

3: AI: Will the hype cycle crash? 

The AI poster child may be IBM’s Watson computer, after beating Go world champions and surpassing human competitors on the game show Jeopardy!, but other forms of AI have been at work in many business applications for decades. That said, in many ways, 2016 was the year that AI really hit the mainstream.  

This year has seen a lot of hype around AI powering almost everything, from juice bars to robotics investing. However, this is just the beginning of the golden age of analytics. We predict that the value and contributions of AI, machine learning, and deep learning will only grow, and cybersecurity will be one of the top applications.  It is worth remembering that the word ‘analytics’ now means anything from advanced optimisation to recording the number of cars in a car park. 

This generalisation of the concept means it has been divorced from the underlying technical considerations that were once associated with the word. The same holds true for artificial intelligence, and related concepts such as machine learning and deep learning. When does advanced analytics become AI? What are the problems that require true AI? When is human-directed analytic development critical? In my opinion, and that of many experts, we must view the AI promise with a healthy amount of scepticism, and avoid putting blind trust in every “analytic finding” we hear. 

Proper model development is a must, and we should be wary of companies purporting to re-invent AI. We should also be wary of irresponsible use of AI. It won’t be the algorithm that harms you or your business, it will be the inexperienced people trying to apply artificial intelligence for its own sake.

Cybersecurity takes centre stage, again

This year has been a busy one. There have been several high-profile cyber-attacks, hundreds of breaches in businesses of all sizes, and even rumours of a hacked presidential election. It should come as no surprise that we predict 2017 to be the year of enhanced cybersecurity. 

We have heard it before, but never has it resonated as strongly as it does now. We believe 2017 will see the above cyber trends take flight as the natural response to the events of 2016 and the fear it has inspired in boardrooms across all industries.  

Cheers to 2017!

Image source: Shutterstock/Sergey Nivens
Dr. Scott Zoldi, Chief Analytics Officer,

Dr. Scott Zoldi is chief analytics officer at Silicon Valley analytics firm FICO.