1. The document outlines 10 predictions for cybersecurity challenges in 2016 and beyond, including the expanding roles of governments, continued evolution of nation-state cyber offenses, and the intersection of life safety and cybersecurity in connected devices. 2. It predicts security expectations will increase while security technologies improve but remain outpaced by adaptable attackers. Attacks targeting trust and integrity will escalate. 3. A continued lack of cybersecurity talent will hinder the industry from effectively addressing evolving threats. New threat vectors are expected to emerge as technologies advance.

1. Top 10 Cybersecurity Predictions for
2016 and Beyond
Matthew Rosenquist
Cybersecurity Strategist,
Intel Corp
March 2016

2. More of everything will massively increase the number of potential targets.
The growing cyberattack surface

3. The ease and cost of developing connected things is dropping fast, leading to
an explosion of new products, many without adequate security protection.
New Device Types

4. Chain Reactions Drive Cybersecurity Evolution…

5. 10 Evolving Challenges in Cybersecurity

6. 1. Government’s roles expand
2. Advances in nation-state cyber-
offense affects everyone
3. Life safety and cybersecurity
intersect in products
4. Rise in digital theft and fraud
5. Realistic impacts of cybersecurity
emerge
6. Security expectations increase
7. Attackers evolve, adapt, & accelerate
8. Trust and Integrity are targeted and
undermined
9. Security technologies improve but
remain outpaced and outmaneuvered
10. Lack of security talent hinders the
industry
Cybersecurity is Rapidly Evolving

7. Public demands their governments be
more actively involved in preventing and
responding to cyber threats, major
hacking events, fraud, and digital crimes,
yet not infringe upon individual’s privacy.
Government’s Roles Expand1.

8. Government’s Roles Expand
Result:
1. More regulations, to raise security
standards
2. Better policing and collaboration
3. More laws for prosecution actions
4. Friction around technology privacy and
government access

9. Nation-State Cyber-Offense Affects Everyone
Broad adoption by many nations of cyber-
offense capabilities.
Governments incorporate cyber into their
defense apparatus with clear objectives
and deployable systems.
2.
i
29countries
Have formal cyber
warfare units
i
63countries
Use cyber tools for
surveillance
i
$19billion
US 2017 proposed
budget for cybersecurity

10. Nation-State Cyber-Offense Affects Everyone
Result:
1. Trickle-down effect gives advanced
technology to criminals and attackers
2. Reverse engineered code is reused by
other threats
3. Attackers don’t need to invest in
developing high-end exploits, instead
they harvest what governments create

11. Life Safety and Cybersecurity Intersect in
Products
Industrial and consumer products are
being connected to the internet and to
each other
Vehicles, appliances, power stations,
medical devices, and billions of other
devices are gathering data and exerting a
level of control in our lives
Risk of catastrophic impacts as our
reliance and trust increase
3.

12. Life Safety and Cybersecurity Intersect in
Products
Result:
1. A slow wake-up call for the
transportation, healthcare, and
industrial sectors as risks emerge
2. As IoT devices explode in number and
function, so will the potential misuse
3. Remote devices, cameras, and drones
become more concerning to safety and
privacy. Expect more regulations

13. Attacks on automobiles will increase sharply in 2016 due to the rapid increase
in connected automobile hardware built without foundational security
principles.
Transportation

14. Top 10 Healthcare breaches of
2015, affected almost 35% of
the US population
Healthcare

15. Critical infrastructure systems not designed with outside access in mind will
become vulnerable to low-incident, but high-impact events as they become
connected to the Internet.
Critical infrastructure

16. Rise in Digital Theft and Fraud
More opportunities to steal, extort, and commit
fraud. Greed principle prevails
Attackers are organized, share methods and tools
Threats not limited by geography
Financial, social, and geopolitically motivated
4.
i
~$450billion
Cyber-crime impact
globally
i
200%increase
In cyber-crime in
the last 5 years
i
32%reported
Organizations reporting
cyber-crime

17. Rise in Digital Theft and Fraud
Result:
1. More ways to successfully commit financial
fraud and theft
2. Number of attacks increase, externals and
internals, from across the globe
3. Higher cost incidents, millions-billion dollar
attacks
4. Rising: Ransomware, CEO Fraud, transaction
tampering
5. Continuing: DDOS & data breach extortion,
Tax, Credit & banking fraud, skimmers, ATMs

18. Industry currently fails to measure the systemic impact
and long term costs
New interest to understand the overall costs:
 Security products/services spending,
staffing, audit/compliance, and insurance
 Incident response and recovery costs
 Secure product development, innovation
and sales friction, related opportunity costs
Realistic Impacts of Cybersecurity Emerge5.

19. Result:
1. Understanding impacts will begin to shift
the industry perspectives
2. Evolving from tactical treatment of
recurring symptoms to strategic
interdiction of the systemic condition
Realistic Impacts of Cybersecurity Emerge
i
$3trillion
Aggregate innovation impact of cyber-
risks by 2020
-McKinsey & World Economic Forum
i
$90trillion
Potential net economic benefit drained
from global GDP, worst case thru 2030
-Zurich & Atlantic Council

20. 6. Cybersecurity Expectations Increase
Market demands more connectivity, devices,
applications, and services
Enterprise perspectives shift to accept the
reputation and market risks
Consumers expect security “their way”: Safety with
access anywhere to anything

21. Cybersecurity Expectations Increase
Result:
1. Expectations rise, but resources and
capabilities will not keep pace, causing
friction and opportunities for attackers
2. Strategic insights are needed to manage
risks and seize opportunities
3. Leadership will be key to find the
‘optimal’ balance of security

22. 7.
Attackers are nimble, opportunistic, cooperative,
skilled and relentless
Their motivation, resiliency, and creativity drives
great adaptability
Acceleration in their methods, tools, and targets
(technology, people, processes)
Attackers Evolve, Adapt, and Accelerate

23. Result:
1. Dark markets and services grow to enable
2. New data breach targets emerge
3. New uses for personal, health, biometric,
and login data is explored by attackers
4. Research follows quickly into new areas of
technology
5. Ransomware and “CEO email” tactics rise
6. Integrity attacks spear-headed by pros for
huge gains – will drive new security
solutions
Attackers Evolve, Adapt, and Accelerate

24. Cybercriminals, competitors, vigilante justice seekers, and nation-states
will increasingly target cloud services platforms to exploit companies
and steal confidential data.
Cloud services

25. Attacks on all types of hardware and firmware will continue. The market for
hardware attack tools will expand. VMs will be successfully attacked through
system firmware rootkits.
Hardware
Equation Group – HDD and SSD
firmware reprogramming malware
First commercial UEFI Rootkit

26. 8. Trust and Integrity are Targeted
Attackers leverage trust mechanisms for their
goals: Digital certs, Identity and, Encryption
implementation
Integrity attacks continue to escalate, altering data
instead of stealing it.
This begins a whole new game.

27. Trust and Integrity are Targeted
Result:
1. Digital certs misuse allows access and
malicious sites/software to proliferate
2. Vulnerabilities in devices, encryption, and
code force changes in product design
3. Integrity attacks emerge as a devastating
new strategy, targeting financial,
communications, and authentication
transactions

28. A significant new attack vector will be stealthy, selective compromises to the
integrity of systems and data. In 2016, we will witness an integrity attack in the
financial sector in which millions of dollars will be stolen by cyber thieves.
Integrity

29. 9. Security Technologies Improve but Remain
Outpaced and Outmaneuvered
Execs get serious on managing cyber risks
Holistic and strategic views take hold
Cloud gets more secure
Malware detection and forensics improves
Hardware is the new trust foundation
Incident Response capabilities and services achieves
professional standing

30. Security Technologies Improve but Remain
Outpaced and Outmaneuvered
Result:
Near-term cyber protection capabilities
Availability/Denial of Service
Confidentiality/Data Breach
Integrity/Trust of Transactions
iEXCELLENT
iGOOD
iLACKING

31. The security industry will develop effective weapons to protect, detect, and
correct many attacks, but the arms race will continue.
The security industry fights back
Security industry to-do list:
 Behavioral analytics
to detect irregular activities
 Threat intelligence, shared
to deliver faster and better protection
 Cloud-integrated security
to improve visibility and control
 Automated detection and correction
to protect more devices with fewer security professionals

32. Threat intelligence sharing among enterprises and security vendors will grow
rapidly.
Sharing threat intelligence
 Legislative steps will make it possible to share threat intelligence
with government.
 We will see an acceleration in the development of best practices for
sharing emerging threat information.
 Threat intelligence cooperatives between industry vendors will
expand. STIX/TAXII will be the standard by which they share
information.
 Metrics for success will emerge, allowing enterprises, security
vendors, and governments to quantify protection improvement.

33. 10. Lack of Talent Hinders the Industry
Lack of qualified talent will greatly restrict the
growth and effectiveness of security
Academia is working to satiate demand, but it will
take time.
i
1.5-2million
Unfilled positions by
2017
i
12xgrowth
Compared to the overall
job market
i
70%understaffed
Organizations report
lack of staff

34. Lack of Talent Hinders the Industry
Result:
1. Salaries continue to rise until demand is
met
2. Headhunting and retention of top talent
is ruthlessly competitive
3. Leadership and technical roles in
greatest demand
4. Outsourcing to MSSP’s and security
consulting firms increases

35. Conclusion
As always, cybersecurity represents risks and
opportunities
Much of what was seen in 2015 will continue, but
new vectors will emerge to supplant legacy tactics
The fundamentals remain but the details and
specifics remain chaotic and unpredictable
New threat vectors will emerge as advanced
technology is integrated
Leaders with insights to the future have the best
opportunity to align resources and be prepared