With the exponential growth of the information economy since the 1990s, cyber-security has become a top priority for governments and industry world-wide. This report predicts major cybersecurity issues for 2016. While cyber-security measures continue to evolve positively, cyberthreats from crime, terrorism, militarization, espionage, and censorship will continue or worsen in 2016. Conflict over cybersecurity will increase between the West, and criminals and states from which cyber-threats emanate, including terrorists, China, Russia, Iran, North Korea, India, Pakistan, Brazil, Argentina, and many developing countries. Increasing technical sophistication and vulnerabilities in critical infrastructure, military systems, industrial control systems, the internet of things (IoT), machine-to-machine (M2M) communications, and mobile platforms will increase opportunities for states, criminals, and thrill-seekers to discover zero-day vulnerabilities and benefit from cyber tactics. Individualized encryption and the use of crypto-currencies such as bitcoin will continue to facilitate anonymous crime and terrorism, and thereby complicate the cyber-security landscape in 2016. Secure backdoors for legitimate governance and additional regulation of crypto-currencies is necessary. The lack of cyber-security budgets has created labor market shortages in cyber-security, leaving most small countries and mid-sized companies lagging well behind a growing army of cyber-criminals. As cyber-security budgets increase in 2016, so will the incentives to enter the cyber-field. As cyber-security hiring often comes from hackers, hacking conferences, and even cyber-criminal communities, increased budgets are a double-edged sword that may also provide a pull-factor for new hackers. Protecting governments and economies from these threats will require increasing the treatment of cybersecurity as a public good, increasing cyber-security budgets in a smart manner, and strong public-private partnerships for provisioning codes of conduct, mandatory information sharing, law enforcement, defense, industrial control system (ICS) security, and non-subsidized cyberinsurance. International agreements on cyber-security will be necessary to properly incentivize countries to prosecute cyber-criminals within their borders, and disincentivize their own use of cyber-tactics for war and espionage. For responsible governance, sometimes the best defense is a good offense – governments need to increase efforts to find, fix, and finish cyber-criminals and terrorists in order to decrease the costs of often ineffective cyber-defenses. Voluntary codes of ethics and privacy technologies will be necessary to discourage slander and the invasion of privacy by hackers and governments, and encourage responsible use of the internet by citizens.
Please click here to download the .pdf file of “BGF Report: Cybersecurity 2016.”