In today’s digital world, cyberattacks are becoming increasingly prevalent. By 2021, annual damage from security breaches is projected to reach $6 trillion, according to according to Cybersecurity Ventures, and over the next five years, global spending on cybersecurity products and services is expected to exceed $1 trillion, the research organization says.

In the healthcare sector specifically, healthcare organizations can face as many as 100,000 security events a day, according to a Ponemon Institute report. So far this year, more than 4 million patient records have been hacked, according to estimates from Protenus, a security firm.

As both internal and external actors continue to uncover new avenues to corrupt corporate systems and expose sensitive data, organizations need to fine tune existing approaches or implement new measures focusing on people, processes and to ensure security in the New Year.

Here are six major trends that will become commonplace in 2018.

1. The cyber security resource shortage increases
It is no secret that there is a massive shortage of cybersecurity talent globally. Hundreds of thousands of unfilled cybersecurity roles remain open in 2017. In the United States, there are 350,000 to be exact, and in 2018 this number will only continue to grow.

2. Outsourcing of security services expands
With the human talent shortage comes the issue of organizations not having enough in-house talent to effectively address security incidents and issues. Companies will continue to look to vendors and managed services providers to help manage and mitigate security incidents and challenges.

3. More women enter in cyber security
According to recent research, only 11 percent of the world's information security workforce are women. A number of organizations are dedicated to helping women succeed in cyber security, such as Women's Society of Cyberjutsu (WSC). The lack of security talent also presents a massive opportunity in 2018 for women to enter the field to make up for the talent shortage currently seen in cybersecurity.


4. Automation and orchestration assists
Even organizations that do have skilled security talent in-house find it very challenging to decrease the mean time to detect and the mean time to remediate security incidents. This is mainly because of the fact that communication workflows and extremely simple tasks slow things down. In 2018, expect more and more organizations to turn to security automation and orchestration tools to overhaul internal processes and augment lines of communication.

5. Social engineering gains traction
Social engineering tactics have been used successfully for decades to gain a way in the door with little technical effort and the tactic isn't slowing down any time soon. Security resources often spend a massive amount of time dealing with incidents caused by human error. According to research, the vast majority of these attacks involve people, and the only real way to address this problem is through education and awareness training. In 2018, look for companies to invest more time and effort in strengthening the first line of defense, people.

6. Hackers increasingly focus on people
Whether it comes from social engineering or from an insider threat, the human attack surface will continue to reach new heights. There are currently 3.8 billion internet users as of 2017 and that number is expected to reach 6 billion by 2020. In 2018, look for organizations to shift focus and look for solutions that focus on the people problem. To combat these threats, organizations have to put together a plan that outlines the processes that best align with protecting the business and uses the power of various technologies to detect insider threats, streamline the investigation process, prevent data loss, and effectively respond.

Security breaches are inevitable in today’s technology-driven economy. As more companies look to mitigate risks through proven resources, qualified experts, and more, we’ll continue to see these trends evolve for years to come.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Mike McKee

Mike McKee

Mike McKee is chief executive officer at ObserveIT, an insider threat management company.