Experts react to the security risks of GDPR and AI
Security experts grapple with AI, GDPR and ransomware


Over the last few months, security experts have had to contend with the General Data Protection Regulation (GDPR), ransomware, and AI as the three most pressing IT issues companies have to face at present.
Organisations are still dealing with the fallout from Wannacry, which brought NHS hospitals to a standstill; GDPR is on its way with very few getting to grips with it still; and artificial intelligence is still some way off and may not deal with security problems the way we expect.
Back in the GDPR
Virtually every vendor has a view on GDPR, the EU's more stringent data protection law due to come into force next year and introduce fines of up to 4% of turnover for security breaches. Endless surveys and research suggest very few organisations are prepared for the rules. Although, to be fair, it is hard to be ready when the Information Commissioner's Office (ICO) itself hasn't yet published its final guidance on certain aspects. Adhering to the eight data protection principles still appears to be the best way forward in order to be compliant with GDPR.
Peter Brown, a senior technology officer from the ICO, told attendees in a keynote speech at Infosecurity Europe 2017, held in London last week, that with a year to go, it would be better for firms to think of GDPR more positively and emphasise the opportunities. If a company can demonstrate it is fully compliant, its reputation will be enhanced.
He was quick to point out that come 26 May next year, when the GDPR applies, the ICO wasn't going to start banging down doors and demanding 4% of a company's turnover in case of a security breach.
Ilias Chantzos, Symantec's senior director of government affairs for EMEA and Asia, said there is no box that can "solve" GDPR problems.
Brexit is also making its presence felt. In another keynote speech, Microsoft's CISO, Bret Arsenault, spoke against "digital xenophobia", criticising how different countries handle data protection. Brexit is very likely to result in the UK drawing up its own data protection laws, and these will not completely overlap with the EU's, meaning companies will have to deal with any differences.
Wannacry me a river
The recent Wannacry attacks had a silver lining, according to Rik Ferguson, who is vice president of security research at Trend Micro and a special advisor to Europol. This is that the trust model between victim and criminal in a ransomware attack may have been broken. People have become more aware that paying the ransom doesn't always result in getting data back from criminals - it's much better to keep regular backups.
James Lyne, a security researcher with Sophos, who was in the same panel discussion at Infosec with Ferguson, said that Wannacry has seen ransomware getting more sophisticated, and this means that organisations and people cannot rely on tools to decrypt locked files. He added that the danger has become more real in many people's minds, increasing awareness of it, which could ultimately be good news as the more people take seriously the threat of hacking and cybercrime, the more people will be cautious about suspicious content.
Unsurprisingly, Wannacry has been good financially for the channel. According to channel analysts Context, the malware outbreak has increased sales of cybersecurity goods and services by a significant margin.
Internet of Things can only get better?
Another issue was the increasing use of automation within technology as well as its impact on IT security. In a keynote speech, security guru Bruce Schneier said that with the internet now meeting the "classic definition" of a robot as far as it being able to sense, think and act, we are creating a world-sized robot without even realising it. He argued that IoT systems such as self-driving cars, power stations and medical devices can be hacked with real consequences, more so than with a traditional PC.
Once more, governments will have to step in to force companies to improve security rather than relying on the market to deal with things. He just hoped that any regulation would be "smart" rather than "stupid".
Artificial intelligence as a basis for IT security also got a grilling from Giovanni Vigna, CTO of Lastline. In a speech at Infosec, he said such technologies only really work when they have large data sets, and you can only learn from "things you know".
But machine learning could be used to reduce the number of security analysts needed and direct focus on more important issues, he added, acknowledging that there is a renewed interest in anomaly detection using machine learning, but this would require modelling good behaviour and this takes time.
Ultimately, artificial intelligence, machine learning, and deep learning cannot be used in a simple way, according to Vigna. Organisations need to start at breach detection events to teach such systems to look for similar patterns elsewhere.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.