Cybersecurity Predictions 2018 – How did we do?

We made eight predictions for 2018 where we discussed regulations such as GDPR, the implications of ubiquitous encryption, the defence of aggregated data, ransomware and how insider threats will impact cloud security. We also discussed the threat to data aggregators and the specifics of cryptocurrency hacks. We believed that many of these predictions would also have a profound impact on privacy, and the events of 2018 largely showed that we were spot on.

Early and Often

As we sought evidence either supporting or contradicting our 2018 predictions, it became apparent that our 2018 forecasts were incredibly timely with a several predictions playing out within the first 6 months of the year.

Supporting Evidence

Privacy Fights Back

Privacy concerns were pushed into the limelight with several key moments in 2018 that had far-reaching global impact.

Cambridge Analytica’s use of private customer data provided by Facebook will likely be remembered as the event that thrust privacy and data protection into the public consciousness. Facebook was for “serious breaches of data protection law” and a “failure to sufficiently protect the privacy of its users.”

Indeed, in a 2018 survey of Forcepoint customers “Concerns over privacy” ranked as the top security issue. (Source: TechValidate. TVID: In May 2018, the European Union enforced its, The EU initiative to consolidate varying data protection regulations across EU member states and place an emphasis on the protection of personal data has now been Input from Silicon Valley technology organizations.

GDPR: Procrastination Now, Panic Later

A 2018 survey by Forcepoint found that only 14% of those surveyed felt that they were “completely prepared” for the roll-out of GDPR in 2018. (Source: TechValidate. TVID: On or around GDPR-day (25 May 2018) many businesses struggled to implement the intent of the regulations blocking EU citizens en masse from accessing their non-EU web properties.  GDPR is also accredited with consent policies compared with the start of the year.

The possibility of large monetary fines seems to have done little to stem the tide of data breaches during 2018.  While Facebook was fined the maximum fine as permitted by the regulators at the time of the Cambridge Analytica incident the fine would have been much higher had the breach occurred post-GDPR.

Disruption of Things

Our 2018 survey showed 76% of customers are concerned about the security or infrastructure either within their company or supply chain. (Source: TechValidate. TVID: Our prediction suggested IoT would not be subject to ransomware given the replaceable nature of the devices and so reduced likelihood that affected organizations would pay the ransom. As 2018 unfolded we saw several attacks targeting IoT but not at the scale in which we anticipated.