In the world of cyber security, 2016 was a banner year––and not in a good way. From the Bank of Bangladesh/SWIFT heist in February to the Dyn DDoS attack a few weeks ago, the year’s wild attacks have one thing in common: they were proof that hacker innovation is on a growth trajectory.
That’s the bad news. The good news is that businesses and consumers are also much more aware of cyber threats than they were 12 months ago, and that’s the jumping off point of my cyber security predictions for 2017.
Prediction: Consumers will care a lot more about the security of the companies they do business with.
With hackers hitting organizations from the Internal Revenue Service to the University of California, Berkeley in 2016, consumers are more anxious than ever about the downstream financial crime that follows data breaches. In 2017, consumer demand will emerge around wanting to understand more about the security of the organizations they do business with.
Just as companies promote “seals of approval” for accomplishments like being “green,” (environmentally friendly), promoting gender equality or having accident-free workplaces, customers of all kinds of businesses will look for some sort of seal of assurance that the companies they do business with have a strong cyber security posture.
Prediction: Consumers will care a lot more about their own cyber security.
The great doorbell hack of 2016 kicked off the year with a loud “ding-dong.” Hackers figured out that smart home devices such as doorbells and refrigerators are gateways to home WiFi networks and Gmail logins, respectively––and surely that is just the beginning. As consumers embrace more Internet of Things (IoT) devices within the home, and more and more of their daily affairs (like banking and shopping) are conducted online, the security of their home technology environment will become extremely important. I predict that in 2017, new services will emerge that allow consumers to evaluate their own cyber security.
Prediction: Businesses will care a lot more about the cyber security of the companies they do business with.
Led by the Office of the Comptroller of the Currency (OCC) directive requiring banks to manage risks, including cyber security risk, in their third-party relationships, companies in all industries will start putting paying a lot more attention to their business partners’ cyber security posture in 2017. The web of risk is incredibly wide; I recently spoke with executives at a national communications company about the FICO® Enterprise Security Score and how it can help them reduce their risk exposure through partner networks. This particular company is connected with more than 32,000 business partners, and reckons that ESS will help it keep a close watch on its 4,000 most critical partner connections.
Prediction: Consumers and businesses will finally recognize the threat potential of IoT devices.
Beyond hacked doorbells and refrigerators, IoT devices like self-driving cars can present serious security threats that are very real. While I hope no tragedy will precipitate my prediction being realized, in 2017 I predict that people and businesses will make security considerations a priority in their decisions to use IoT devices, not an afterthought.
Prediction: Biometric security data may become the biggest security vulnerability of all.
Starting with Apple TouchID, biometric identification has now gone mainstream. (Even three year old kids’ fingerprints are being captured when they visit Disney World.) Hailed as being safer than digit-based passwords, biometric security data presents explosive potential in hackers’ hands. In the aftermath of the compromise of 5.6 million US government military, civilian and contractor personnel fingerprints, Eva Velasquez, CEO of the Identity Theft Resource Center, explained that stolen fingerprints may be a big problem in the future if biometric technology is used to verify bank accounts, home security systems and even travel verifications.
(About the author: Doug Clare is a vice president at FICO, leading the cybersecurity initiative and FICO Analytic Cloud. He has been with FICO for more than 25 years, and has deep expertise in helping banks and other businesses managed fraud, risk and the customer experience.)
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access