2018年网络安全预测报告（英文版）

2018 Cybersecurity Predictions A Shift to Managing Cyber as an Enterprise RiskPublished: January 20182 2018 Cybersecurity PredictionsIntroductionForeword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Scorecard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4PredictionsPrediction 1: Waking up to cyber liability . . . . . . . . . . . . . . . . . . . . . . . . . 6Prediction 2: Managing cyber as an enterprise risk . . . . . . . . . . . . . . . . . . 8Prediction 3: Regulatory spotlight widens . . . . . . . . . . . . . . . . . . . . . . . . 10Prediction 4: Criminals attack businesses embracing IoT . . . . . . . . . . . . 12Prediction 5: Companies implement multi-factor authentication . . . . . . 14Prediction 6: Bug bounty programs go mainstream . . . . . . . . . . . . . . . . 16Prediction 7: Ransomware attackers get targeted . . . . . . . . . . . . . . . . . . 18Prediction 8: Insider attacks fly under the radar . . . . . . . . . . . . . . . . . . . 20Contacts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23Table of ContentsCyber Solutions 1ForewordPreparing security professionals and business leaders to shift their thinking and manage cyber as an enterprise risk in 2018. Since issuing our 2017 predictions, we’ve seen a dramatic rise in the sophistication, scale, and impact of cyber attacks. As companies strive to enrich their customer experiences through a spectrum of endpoints, ranging from mobile devices to automobiles, the attack surface has increased dramatically. With this ever-growing threat landscape comes a proportionate increase in the impact that cyber attacks have on enterprises, and the customers they serve. This report draws on our experience working with boards and C-suites, as well as security and risk professionals to plan for, mitigate, and manage the expanding impact of cyber risk across the enterprise. Our 2017 Predictions: A year of large-scale cyber attacks with significant impact to organizations across sectorsThe swift, public, and pervasive cyber attacks in 2017 demonstrated how cyber risk cannot be effectively managed solely as an information technology (IT) issue. The WannaCry ransom-ware attack hit over 200,000 computers in 150 countries,1 taking businesses offline, disrupt-ing sales and operations. Arguably the most significant data breach in U.S. history hit Equifax, exposing the sensitive data of 143 million people,2 while subjecting the company to