T7 – The Trend of Trends 2018

By Vigilize | Monday, February 19, 2018

The seven best trend articles in 2018 . . .

For ISOs of small financial institutions.

Sometimes, in spite of seemingly everything changing at an accelerated pace, you find things that are familiar. In Dan’s Magnificent Seven and R7: The Top Seven Risks pieces, for example, you’ll find several new developments of interest to Information Security professionals…but you’ll also find some things, like employees clicking phishing links, to be more familiar. In light of this observation, this year we have decided to use our annual T7 piece to look at how our previously selected trend articles, and the subjects they were based on, have evolved over time.

As we’ve said in our previous takes on this article (in 2015, 2016 and 2017), it’s important to consider when reading these pieces whether they are discussing current trends or making predictions. While both kinds of articles can be interesting to read, we try to treat them differently: we base tactical plans on current trends, and longer-term strategies on predictions.

  1. Internet of Things/Wearable Tech: A perennial favorite in trend articles by ourselves and others, the proliferation of internet-connected devices shows no sign of slowing down…and still worryingly few signs of proper security. The continuing inattention to security comes as organizations such as CIO Magazine predict increasing adoption of internet-connected technology in the industrial sector, where equipment often remains in use (and vulnerable to attack) decades longer than in homes and offices.
  2. Encryption: Whether it’s being used by your average consumer to protect their smartphone or by the bad guys to hold your company’s data hostage, encryption and how we implement it is another trend that we’ve been following (and will continue to follow) for years. We are also seeing encryption being employed as a way to reduce certain compliance burdens, in the European Union at least, with new legislation absolving businesses of the requirement to notify consumers about data breaches–as long as the data that was lost was encrypted.
  3. Mobile Malware: In 2016 we looked at the growing trend of malware aimed at mobile platforms, and noted that the once-impervious iOS was starting to see attacks as well. In the intervening two years smartphones have become an even more inviting target, with examples of cryptocurrency-mining malware spotted in the wild. On the Android side, examples of infected applications are easy to come by through the official Google Play store, despite efforts to screen submissions for threats. If that weren’t enough, experts are warning of the rise of Ransomware-as-a-Service: ready-made kits which allow those with no technical ability to deploy an attack.
  4. Open Source Vulnerabilities: Open Source Software’s ability to be examined by the public is one of its selling points, but that presumes that there will be someone there to examine it: with billions of lines of open source code across thousands of projects, problems can lie in plain sight for years before being scrutinized. Open Source Software must also still be patched in a timely fashion to remain secure, as Equifax recently discovered.
  5. Cloud Security: Data storage and virtualization continue to make computing cheaper, while wireless and wired broadband continue to get faster. Put them together and you have an ever-growing incentive to shift resources to the cloud…but just how well do you know the organization on the other end? Between Software-as-a-Service, Platform-as-a-Service, internet of things devices and data storage, the vast majority of businesses now have at least some of their information in the cloud, making this an increasingly attractive target for financially motivated attacks.
  6. Ransomware: Touched upon in both 2016 and 2017’s installments, ransomware is as big a threat as ever, in part because of how profitable it can be. While experts believe most victims fail to pay their digital hostage-takers, it doesn’t take many ransom payments to make such an enterprise profitable. If that weren’t bad enough, a look at 2018’s tech threats from the MIT Technology Review says such attacks striking major cloud services seem to be only a matter of time.
  7. Password Problems: A problem practically as old as computing itself, the issue of password security is one that offers no simple solution. On the bright side, this means that there’s always a new selection of articles discussing the problems, and their possible solutions, to choose from…but don’t expect to get out of those mandatory password changes any time soon.


This article is now a collaboration of several infotex team members.  Original T-7 article concept by Dan Hadaway CRISC CISA CISM, founder and Managing Partner, infotex


