Inside the Dark Web Trade in Compromised Remote Desktop Services

A thriving underground economy exists on dark web forums where cybercriminals buy and sell access to compromised Remote Desktop Services. Recent investigations, including one by Fujitsu CTI, reveal a sophisticated marketplace that puts thousands of poorly secured servers at risk. Understanding this ecosystem is the first step in protecting your organization from becoming another listing.

How Cybercriminals Profit from Compromised Remote Desktop Services

The marketplace for compromised remote desktop services operates with alarming efficiency. One prominent example is the now-closed xdedic.biz, which offered device access through custom malware. A successor platform, Ultimate Anonymous Services (UAS), runs on both the dark web and the clear web, selling compromised servers to anonymous buyers.

Prices vary based on specifications like RAM, bandwidth, and geographic location. For as little as $14, a buyer can gain access to a server running Windows Server 2012 or Windows 10. The UAS RDP team alone claims to offer nearly 30,000 compromised RDS clients. This scale demonstrates the immense vulnerability of internet-facing systems.

The Global Reach of RDP Exploitation

These compromised remote desktop services are not limited by borders. Listings include options for location and administrative privileges. Gaining admin rights on a compromised device allows attackers to move laterally within a network—a tactic seen in major breaches like the OPM hack, which triggered a US government investigation.

Fujitsu CTI identified a brute force tool that targets poorly configured servers directly exposed to the internet. This tool automates the attack process, scanning for weak credentials and exploiting them. The result is a steady supply of compromised machines for sale.

Similarities Between UAS and xdedic

The operational similarities between UAS and xdedic are striking. Both platforms use custom malware to maintain access and provide instructions for hiding administrative accounts on compromised servers. These instructions reveal a deep understanding of Windows OS, enabling criminals to evade detection by system administrators.

This level of technical detail is key to building customer loyalty and repeat business. It also underscores the competition that defensive teams face. Some knowledgeable IT professionals are now working for criminal groups, drawn by the potential rewards.

Defending Against the RDP Threat

To protect against the sale and use of compromised remote desktop services, system administrators must take proactive steps. First, apply strict security protocols to any server exposed to the internet. Ensure that remote desktops have strong password policies, multi-factor authentication, and limited access.

Second, monitor for brute force attacks. The sheer volume of compromised devices on UAS proves that attackers are actively scanning for weak points. Implement threat intelligence systems to detect unusual login patterns.

Third, educate employees about the risks of remote access. A strong security awareness program can prevent credential theft and social engineering attacks. For more on building a robust defense, see our guide on cybersecurity best practices.
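The brute-force monitoring described in the second step can be sketched as follows. This is an added example, not code from the article or from Fujitsu CTI. It assumes failed and successful logons have been exported from the Windows Security log (event IDs 4625 and 4624) into dictionaries; the field names, thresholds, and sample events are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Logon types seen for RDP: 10 = RemoteInteractive, 3 = Network (RDP with NLA)
RDP_LOGON_TYPES = {3, 10}

def detect_rdp_bruteforce(events, window=timedelta(minutes=5), max_failures=5):
    """Flag source IPs with a burst of failed RDP logons inside a sliding window.

    The window and threshold are assumed defaults; tune them per environment.
    A successful logon from an already flagged IP is recorded separately,
    because it suggests a password was guessed.
    """
    recent = defaultdict(deque)   # ip -> (time, user) failures still in window
    alerts = {}                   # ip -> alert record
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue              # ignore console, service and batch logons
        ip, now = ev["ip"], ev["time"]
        fails = recent[ip]
        while fails and now - fails[0][0] > window:
            fails.popleft()       # expire failures older than the window
        if ev["event_id"] == 4625:
            fails.append((now, ev["user"]))
            if len(fails) >= max_failures:
                alert = alerts.setdefault(ip, {
                    "ip": ip, "peak_failures": 0,
                    "users_tried": set(), "success_after_burst": None})
                alert["peak_failures"] = max(alert["peak_failures"], len(fails))
                alert["users_tried"].update(user for _, user in fails)
        elif ev["event_id"] == 4624 and ip in alerts:
            if alerts[ip]["success_after_burst"] is None:
                alerts[ip]["success_after_burst"] = ev["user"]
    return list(alerts.values())

def sample_events():
    """Constructed events; the IPs come from documentation address ranges."""
    t0 = datetime(2017, 1, 10, 2, 0, 0)

    def ev(offset, event_id, logon_type, ip, user):
        return {"time": t0 + timedelta(seconds=offset), "event_id": event_id,
                "logon_type": logon_type, "ip": ip, "user": user}

    guesses = ["administrator", "admin", "administrator", "backup",
               "admin", "administrator", "scanner"]
    # One source guessing passwords every 20 seconds, then logging in
    events = [ev(20 * i, 4625, 3, "203.0.113.7", user)
              for i, user in enumerate(guesses)]
    events.append(ev(150, 4624, 10, "203.0.113.7", "scanner"))
    # A legitimate user who mistypes once and then succeeds
    events.append(ev(60, 4625, 10, "198.51.100.20", "j.smith"))
    events.append(ev(75, 4624, 10, "198.51.100.20", "j.smith"))
    # Local console failures (logon type 2) are not RDP and must be ignored
    events += [ev(5 * i, 4625, 2, "-", "operator") for i in range(6)]
    return events

if __name__ == "__main__":
    for alert in detect_rdp_bruteforce(sample_events()):
        print(alert)
```

An alert whose `success_after_burst` field is set deserves immediate response, since it indicates the guessing succeeded.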

Why This Market Matters for Your Organization

The trade in compromised remote desktop services is a clear indicator that complacency is no longer an option. Cybercriminal networks are organized, well-funded, and technically skilled. They exploit the weakest links—often exposed RDP ports with default or weak passwords.

Organizations must make security a boardroom priority. Combining effective threat intelligence, incident response planning, and security education can disrupt these criminal operations. Learn more about how Fujitsu’s ‘Secure Thinking’ approach can help protect your data assets by visiting our framework page.

As the digital landscape evolves, so do the threats. Staying informed and vigilant is the only way to stay ahead. For further reading, check out our article on ransomware prevention tips.

What to Expect in Cybersecurity for 2017: Ransomware, Politics, and Shifting Defenses

The holiday season often brings a sense of renewal, but for cybersecurity professionals, the new year signals fresh challenges. As 2016 fades into memory—a year marked by high-profile breaches and the dominance of ransomware—the question on everyone’s mind is: what lies ahead in 2017? This article delves into the key cybersecurity predictions for 2017, examining how ransomware will evolve, the role of political hacking, and the steps enterprises must take to stay secure.

Ransomware: From Mass Attacks to Targeted Extortion

Ransomware dominated headlines in 2016, and experts agree it will only grow more sophisticated. According to Bitdefender, cybercriminals are investing in automated targeting to distinguish between home users and corporations. This shift allows attackers to demand higher ransoms from businesses, knowing they are more likely to pay to regain critical data.

Catalin Cosoi, chief security strategist at Bitdefender, explains that refining ransomware to target specific groups will dramatically increase success rates. Attackers can craft convincing spear-phishing messages, driving record-breaking open rates. Once inside a corporate network, they can customize ransom demands based on the victim’s data value. This means that ransomware trends in 2017 will likely include more personalized and aggressive extortion tactics.

Similarly, Cyber adAPT warns that ransomware could “spin out of control” in the coming year. Citing Symantec’s Security Threat Report, which found over 4,000 ransomware attacks per day in 2016—a 300% increase from 2015—the firm emphasizes that traditional defenses like firewalls and antivirus software are insufficient. Scott Millis, CTO of Cyber adAPT, argues that detection and incident response must improve to combat this rising tide.

Political Hacking and Disruption: A Growing Concern

Beyond ransomware, political hacking is expected to escalate in 2017. The previous year saw state-sponsored attacks and election interference, setting a precedent for further disruption. Experts predict that hacktivist groups and nation-state actors will target critical infrastructure, government systems, and political campaigns.

This trend underscores the need for robust security protocols in public and private sectors. Enterprises should expect increased scrutiny of their supply chains and third-party vendors, as attackers exploit weaker links. For a deeper look at how organizations can bolster defenses, check out our guide on enterprise security best practices.

The Role of Poor Routine IT Practices

Another key prediction for 2017 is the continued fallout from poor routine IT practices. Many breaches stem from basic oversights: unpatched software, weak passwords, and inadequate employee training. As attackers become more sophisticated, these vulnerabilities become easier to exploit.

Security awareness training will be critical. Companies must move beyond compliance-driven approaches and foster a culture of vigilance. Social engineering attacks, often delivered via social networks, target specific individuals to gain access to sensitive data. Without comprehensive education, ransomware and other threats will continue to affect organizations.

CIOs Reclaiming Ownership of Data Initiatives

On a positive note, 2017 may see Chief Information Officers (CIOs) reclaiming ownership of data initiatives. In recent years, data strategy has often been fragmented across departments, leading to inconsistent security policies. As threats multiply, CIOs are stepping up to centralize governance and invest in proactive defenses.

This shift could lead to better integration of security into business processes. For example, implementing data loss prevention strategies can help organizations monitor and protect sensitive information across networks. By taking a leadership role, CIOs can ensure that security is not an afterthought but a core component of digital transformation.

Hope on the Horizon: Collaborative Defense Efforts

Despite the grim outlook, there is reason for optimism. Initiatives like the No More Ransom! project, which provides decryption tools for victims, are gaining traction. Law enforcement agencies are also collaborating more closely with the security industry to disrupt criminal networks.

Raj Samani, CTO EMEA at Intel Security, predicts that these efforts will reduce the volume and effectiveness of ransomware by the end of 2017. While pioneer groups like CryptoLocker and CryptoWall may persist, smaller players are expected to abandon ransomware as defenses improve. This collaborative approach could shift the balance in favor of defenders.

Conclusion: Preparing for a Turbulent Year

In summary, cybersecurity predictions for 2017 paint a picture of evolving threats and emerging defenses. Ransomware will become more targeted, political hacking will intensify, and poor IT practices will remain a liability. However, with CIOs taking charge and industry collaboration expanding, organizations can mitigate risks. The key is to stay informed, invest in proactive measures, and foster a security-first culture. As the new year unfolds, vigilance will be the best defense.

‘We’ll Always Have Paris’: Key Takeaways from ISSE Conference 2016 on Digital Identity

The 17th annual ISSE Conference 2016 took place in the heart of Paris, drawing cybersecurity professionals from across the globe. This year’s event zeroed in on digital identity as the central theme, with speakers and attendees dissecting its growing influence on internet security, interconnected systems, and everyday life. Over two packed days, the conference delivered a mix of technical deep dives, strategic debates, and forward-looking insights that continue to resonate today.

If you missed the action, don’t worry—we’ve captured the most memorable moments and actionable ideas from the event. From the silent revolution of the Internet of Things (IoT) to the unique challenges faced by security teams, here’s what stood out.

Why Digital Identity Dominated the Agenda

Jon Shamah, chairman of EEMA, set the tone early in his welcome message: “This is the Year of Identity and Security, and ISSE has never been more relevant.” He argued that digital identity has moved from a niche concern to a center-stage issue for organizations worldwide. This claim was backed by sessions exploring how digital identity shapes online trust, impacts interconnected relationships, and introduces new vulnerabilities.

One particularly engaging panel examined the ripple effects of ever-increasing identities—from social media profiles to corporate access credentials. The consensus was clear: as identities multiply, so do the risks of fraud, impersonation, and data breaches. Yet, the conference also highlighted opportunities, such as machine-based learning technology that can automate identity verification and threat detection.

For a deeper look at how identity management is evolving, check out our guide on digital identity best practices for modern enterprises.

Security Team Challenges: Scaling Without Burning Out

Mohit Kalra, senior manager of secure software engineering at Adobe, delivered a standout presentation on the hurdles security teams face today. He identified three primary obstacles: scaling security work within small teams, managing diverse and growing product portfolios, and balancing business-critical products against legacy applications.

However, Kalra didn’t stop at problems—he offered a three-step solution. First, establish a minimum security bar with baseline tasks for every team. Second, treat security as a shared responsibility across the organization, not just the security department. Third, set up product teams for success by embedding security practices early in development cycles.

“Security is about making choices,” Kalra emphasized. “You don’t fix everything in one day. The real question is: who do we engage with the most, and how do we prioritize that time?” This practical advice resonates especially for startups and mid-sized firms struggling with limited resources. For more on building resilient security teams, read our article on cybersecurity team building strategies.

The Silent Revolution of the IoT

Andreas Ebert, Microsoft’s regional technology officer for Western Europe, described the IoT revolution as “almost a silent one.” He explained that most IoT activity happens beneath the surface—embedded in everyday objects like smart thermostats, wearable devices, and industrial sensors. The scale of this shift is unprecedented, driven largely by falling device costs that make IoT accessible to more consumers and businesses.

Yet, with scale comes risk. Ebert highlighted security challenges including insecure design, disclosure of personal information, and limited update capabilities. These issues must be addressed, he argued, to unlock the full benefits of IoT—such as improved threat identification, better decision-making, and enhanced availability of services.

Building on this, a later session explored how machine learning can help mitigate IoT risks by detecting anomalies in real-time. This combination of innovation and caution was a recurring theme throughout the ISSE Conference 2016.

Spies, Fake Identities, and Digital Credibility

Dave Birch, director of innovation at Consult Hyperion, took a refreshingly unconventional approach. He challenged digital identity experts to consider a thorny question: how do you build an identity system that accommodates legitimate fake identities—for spies, undercover agents, or people in witness protection?

Birch noted that while it’s “easy to make a fake passport,” creating a convincing fake Facebook profile without detection is extremely difficult. In today’s world, credibility is often verified through social media, LinkedIn accounts, and other digital footprints. But what about individuals who have genuine reasons to hide their true identity?

“Spies are perfectly legitimate,” Birch said. “If you’re going to come up with a plan for the future of digital identity, your plan has got to fix both problems—protecting fake identities for legitimate users while preventing fraud by ordinary people.” His talk sparked lively debate about the ethical boundaries of identity systems.

Data Protection Failures and Rising Enforcement Trends

Jacqueline Zoest, a barrister at Campbell Miller, closed the conference with a sobering look at data protection failures. She referenced high-profile breaches at TalkTalk and Sony Pictures, noting that monetary penalties for data breaches are on the rise. “They do seem to be increasing,” Zoest observed, adding that complementary audits are becoming more prominent as a result.

One key factor influencing fine amounts is an organization’s behavior after a breach. “An aggravating factor that would increase the fine is a lack of cooperation between the organization and the ICO,” she explained. This includes refusing voluntary audits. Zoest suggested a growing trend toward collaboration between regulators and companies, aimed at changing behaviors to prevent future breaches and avoid hefty fines.

For organizations looking to stay ahead of enforcement trends, our resource on data breach response planning offers practical steps to mitigate legal and financial risks.

Looking Ahead: What ISSE 2016 Taught Us

The ISSE Conference 2016 in Paris was more than just a gathering—it was a snapshot of an industry in transition. Digital identity is no longer a back-office concern; it’s a strategic priority that touches every aspect of cybersecurity. The event underscored the need for collaboration, whether between security teams and product developers, regulators and organizations, or even identity systems and spies.

As we reflect on these highlights, one thing is clear: the conversations started in Paris are far from over. They continue to shape how we approach identity, security, and trust in an increasingly connected world.

How to Handle Security Stakeholders: Avoid These Common Pitfalls and Build Trust

Managing a cybersecurity initiative is no small feat. IT and security leaders must collaborate with a wide range of stakeholders — from employees to the board — to define the strategy, secure approval, and maintain momentum. Learning how to handle security stakeholders effectively is essential for any project’s success. Without their confidence and commitment, even the best-laid plans can quickly unravel. Yet, many professionals fall into predictable traps that undermine trust and progress. Here’s how to recognize and avoid these common mistakes.

Why Stakeholder Alignment Matters in Cybersecurity

Cybersecurity touches every part of an organisation. As a result, it requires buy-in from multiple groups: executive leadership, department heads, IT teams, and end users. When stakeholders feel informed and involved, they are more likely to support the strategy and allocate the necessary resources. Conversely, poor communication or misaligned expectations can lead to delays, budget cuts, or outright failure. Therefore, mastering the art of stakeholder engagement is not optional — it is a core competency for modern security leaders.

Common Mistakes and How to Avoid Them

Mistake 1: Dropping Communication After Initial Approval

One of the most frequent errors is to stop updating stakeholders once the project is greenlit. Leaders assume that everyone is on board and will stay that way. However, circumstances change: new threats emerge, technologies evolve, and priorities shift. Without regular updates, stakeholders may feel left out or become anxious about progress.

Solution: Establish a consistent cadence for check-ins — monthly or quarterly. During these meetings, share what is working, what isn’t, and what the next steps are. This transparency builds confidence in your team’s ability to adapt. It also provides a safe space for stakeholders to voice concerns before they escalate into bigger problems.

Mistake 2: Sticking to a Failing Strategy

IT leaders often feel pressure to stick with an approved plan, especially after significant capital and resources have been committed. But reality rarely matches the blueprint. New vulnerabilities, adversarial tactics, and technological shifts demand flexibility. Clinging to a flawed approach can waste time and money.

Solution: Do not be afraid to flag issues early. Reach out to stakeholders for feedback — this is your opportunity to lean on their expertise. Adjust your strategy as needed and communicate the changes clearly. Remember, a plan is a starting point, not a prison.

Mistake 3: Keeping Employees in the Dark

Users are often the weakest link in cybersecurity. Research shows that just 1% of employees account for 75% of security risk. If staff do not understand why security matters or how their actions affect the organisation, they are more likely to make costly mistakes.

Solution: Open up communications with the entire workforce. Hold education and training sessions before launch and throughout the project lifecycle. Explain what the organisation is doing to protect data and reduce risk. Gather insights on the tools employees use, then adapt your strategy to enable productivity while keeping assets secure. When users feel included, they become allies rather than liabilities.

Mistake 4: Using Fear to Win Over the Board

Board members can be the most intimidating audience. Security projects often come with high costs, and directors may resist spending. In response, some IT leaders resort to scare tactics — highlighting worst-case scenarios and terrifying breach statistics. While fear can grab attention, it rarely sustains long-term support.

Solution: Focus on the positive business outcomes that cybersecurity enables. Talk about how a robust security posture supports growth, customer trust, and competitive advantage. It is fine to mention a recent breach or potential costs, but do not let fear dominate the conversation. Frame security as an investment, not just a necessary expense.

Mistake 5: Failing to Kill Failing Projects

Some projects simply will not work, no matter how much effort you pour into them. The natural instinct is to try harder, fix the problems, and push through. However, this can lead to escalation of commitment — throwing good resources after bad.

Solution: Treat failure as a learning opportunity. Debrief with stakeholders on what went wrong, refine your approach, and be willing to start over. Align on what is best for the business, and do not hesitate to end a program that is not delivering value. Knowing when to cut losses is a sign of strong leadership.

Building Long-Term Stakeholder Trust

Ultimately, learning how to handle security stakeholders is about building relationships based on transparency, adaptability, and mutual respect. By avoiding these common pitfalls, you can foster an environment where stakeholders feel heard, informed, and confident in your decisions. For more insights on cybersecurity leadership, explore our guide to security governance and learn how to communicate effectively with the board.

Remember: cybersecurity is a team sport. The more you engage your stakeholders, the stronger your defence becomes.
