As the year comes to an end it is time to slow down and take stock of current affairs. It’s cathartic to do an in house (and external) audit of everything that has happened (good or bad) during a year before moving on to the next. The proverbial deleting of 2016’s cache for a clean slate in 2017. However, notable events and trends in the IT market during 2016 will inevitably inform our predictions for what 2017 will have in store.
2016, the year of ransomware
Data has become an extremely valuable and sought after commodity, and this is by and large as a result of organisations shifting towards data driven economies. During 2016 we saw ransomware rise to a digital epidemic of note. The proliferation of ransomware during the last 12 months was not only severe, but it revealed the true opportunistic nature of the ransomware cybercriminal. The success behind ransomware is as a result of a great business model, extensive market research, opportunistic brashness, and a deep insight into the power of inciting fear in victims. Not only was there a rise in the amount of attacks during 2016, there was also a diversification in the target market, or typical victim profile.
Ransomware is becoming more and more aggressive in its application and ransomware creators are constantly generating creative new methods of fooling victims into engaging with malware, or bullying them into paying. Individuals, home users, consumers – this was the typical, historical profile of a victim of ransomware.
This was likely due to individual home users not being well informed about cybercrime and malware, not having the right disaster-recovery systems in place, and potentially being more likely and willing to actually pay ransoms to recover their treasured family photos or personal files.
Over time, there has been a slow but steady increase in the targeting of businesses and larger corporations with highly focused, personalised attacks. Ransomware is becoming so bespoke to fit each intended victim that it is proving to be more challenging for some antivirus software to pick up indicators of compromise. Some trendsetting ransomware variations are programmed to lay dormant and undetected on a machine until it is stealthily deployed.
This grants the malware to access network systems more effectively and undetected, and only the most paranoid of defenders will identify a compromise.
Once your data is encrypted there is very little that you can do, and paying the ransom won’t guarantee that you receive any data back. Paying will encourage cybercriminals behind ransomware attacks to perpetuate the industry, creating a market for this illegal activity and driving ransomware to higher levels of intelligence.
Yet, more often than not, victims of ransomware simply don’t have any other choice but to pay. We have seen a substantial amount of attacks on the medical and educational industries in 2016. One can only envision that an attack on any medical industry is a recipe for disaster. Without access to patient data lives are at risk, and paying the ransom in order to gain access to data could literally be a matter of life and death.
A multi-faceted data management approach, which includes a disaster recovery plan, will definitely contribute to the safety of your data. The FBI’s tips for a business continuity that helps combat the effects of ransomware is to make regular backups of data, verify the integrity of backups frequently and mirror backups to a secure server.
A reliable data backup software provider will be the difference between the life and death of your valuable data. It’s never too late to start backing up, but we recommend you do it before receiving a data ransom note.
New horizons, 2017
In the face of these adversarial forces, it is not uncommon to expect that there will be a rather big dip in digital trust. 2017 will be the year of focussing on strengthening customers’ digital trust through ethics and the promise (and follow through) of data security. Trust will prove to be the keystone of the digital economy. In the wake of the ransomware epidemic, peace of mind, and trust in your data security service provider will be one of the strongest trends in 2017. Having fool proof disaster recovery plans in place will be self-evident.
The lack of digital trust will result in a struggle with delivering information management and data security best practices. However, the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will provide a sturdy foundation to build upon (yet a difficult compliance prerequisite if your company is not structured accordingly). Even Post-Brexit, UK organisations must adopt rigorous data security and protection laws and still comply with the EU’s GDPR regulation, or else trade via data flow with Europe will be out of the question.
Expect to see many organisations scampering around to get into compliance. If you are a data backup service provider, it will be essential to grant customers access to their data at all times. Data must be freely available, and not under duress. In light of the ransomware dark-cloud, this is certainly a silver lining.
In order to fully comply with these legislations, companies will need insight into their data. Insight doesn’t necessarily mean breaching security laws, but it does mean understanding the nature of the data that you deal with and being able to pick up indicators of compromise (IoC) quickly and effectively. With intelligent and automated backup software, backups will be automated, and intelligent insight into changes in the data provided when needed.
With the exponential growth of data, automation won’t even need a second thought. Developments in intelligent automation will encourage innovation and rapid technology advancements. Companies that embrace automation will dominate the market as they continue to transform the data security industry.
Platform economies and ecosystems will begin to emerge in order to accommodate the exponential growth of data, and the intelligent automation structures needed to securely manage said data.
Expect to see data-backup, -disaster recovery strategies, -archiving, -security and -instant access integrated into a data management platform ecosystem in order to provide best practices. 2017 will see the realisation that all of these services are interconnected, and it is difficult to provide one without the other. Platform-based business models will be the innovation of the digital economy as it not only complies to data laws and legislation, but provides the customer with an ethical offering in order to secure digital trust.
All of this leads to probably one of the most important trends one can expect to see in 2017; The digital economy will become more human focused. The workforce behind any technological company is the driver for innovation. Leaders who focus their attention on creating adaptable fluid and agile workforces will drive innovation from the bottom up.
In order to become a market dominating leading enterprise, companies will have to invest in their employees by building healthy learning environments to not only encourage research and innovation, but accommodate the human element in a very digitally driven market. Organisations that ensure the enhancement of their workforce will succeed in being a data driven enterprise that can provide the offering of integrity and security when managing data on multiple levels.
Image source: Shutterstock/Carlos Amarillo
Paul Evans, Founder and CEO of Redstor