16.03.2020

Dan On Security

Background

Before joining Galois in 2014, Dr. Zimmerman was a Visiting Associate Professor of Computer Science at Harvey Mudd College in Claremont, California.

Prior to that, he was an Assistant Professor of Computer Science and Systems at the University of Washington Tacoma. He has also held both teaching and research positions at the California Institute of Technology, from which he obtained his Ph.D. Zimmerman’s primary research interest is in the application of formal methods to software and hardware development processes. His other research interests include security, distributed and concurrent systems, object-oriented and component-based design, and computer science theory.

He is the designer and lead developer of JMLUnitNG, an automated unit testing framework for Java software, and has contributed to the design and development of other widely-used software engineering and formal methods tools including AutoGrader, IDebug, and OpenJML.

The Top 18 Security Predictions for 2018

What will happen in cyberspace in 2018? How will technology impact the real world over the next year? Once again, the cybersecurity industry is full of security predictions, cybersecurity trend reports, cyber forecasts, IT security analysis and red-hot security examples to allow everyone to try to connect the dots to the future.

Here’s your annual security industry prediction roundup from the top cybersecurity experts, magazines, companies, analysts and more. Abraham Lincoln once said, “The best thing about the future is that it comes one day at a time.” Winston Churchill once said, “If you’re going through hell, keep going.” And, “Never, never, never give up.” As we, these wise words from fearless leaders who have gone before us certainly apply to cybersecurity and the new 21st-century challenges confronting our world in 2018.

What’s HOT and Likely Getting HOTTER in 2018?

Last year we started with, “You ain’t seen nothing yet!” Hold on!

2018 will be even worse online, if these global security experts are correct. No doubt, more sophisticated hacker tricks, phishing attempts and data breaches are coming.

What are the most common security predictions for next year? New forms of malware, more expensive ransoms as more ransomware hits more organizations, Internet of Things (IoT) device problems at home, AI and machine learning gone astray (as a cyberweapon), cryptocurrency problems, cloud computing breaches and plenty more of everything we already saw in 2017. Almost everyone is talking about the in 2018 — some think the fines will wait for later after lawsuits will be filed, but most see a major shake-up coming for companies’ policies and procedures as a result of the new European privacy rules. Other common cyberpredictions include increased scope and impact from, the number of cybercriminals (and crimes) increasing, continued shortages of qualified security professionals — with new attempts to deal with the staffing problems, popular (and easy to use) home devices getting hacked in new ways and much more nation-state hacking. In addition, the election hacks, and business email compromise (CEO fraud) show up on many lists as likely items that will expand in the coming year.

Why Take the Time to Understand Cybersecurity Industry Predictions?

There’s no doubt that security predictions are exploding and cover a very wide range of technology, physical security and Internet of Things (IoT) topics around the world. The breadth and depth of industry involvement in this cyber forecasting process even exceeds previous years, which is truly remarkable and shows the dramatic growth of the security industry as a whole.

So why take the time to go through these lists? I addressed this topic in detail back in 2016 for CSO Magazine in this piece: I started by saying that Americans love baseball, hot dogs, apple pie and predictions.

I also predicted that more security predictions would be coming — and I certainly nailed that cybersecurity trend. But beyond just a fun end-of-the-year exercise, there is immense value for individuals and companies as they plan their future strategies. Here’s an excerpt of a few of the benefits to understanding what experts think may be coming soon:

Gain industry knowledge, understand overall trends and expand your horizons beyond one stovepipe or topic. Security predictions help you understand industry trends and help you grow in your knowledge — if you do your homework and read the supporting research that usually comes from major vendors. Remember that the actual date the event happens is less important than trends, patterns and even repetition of an item.

Use the free advice, direction, insights and annual reports provided by many to respond to the expected cyberthreats.

Use predictions as an opportunity to educate others. Get the word out on cybersecurity — whether that is to your company, your family or your community group. Are you bringing problems or solutions? We claim we want to educate end users on cybersecurity, so educate!

Quick Reminders

No doubt, there are some leftover (very similar) predictions from the past few years. There is also the annual chorus of: “Will this be the year for a Cyber Pearl Harbor or a Cyber 9/11 that brings down critical infrastructure for a section of the country?” To get a full sense of the breadth and depth of security industry prediction lists and forecasts, I recommend going back in time and reviewing some of the previous security prediction roundups from, and to help keep score on prognosticators.

Our analysis process has not changed much in the many years since we started, and all decisions are made independent of company or magazine influence. For more details, I encourage you to go to the prediction details by clicking on the hyperlinked report and/or visit the specific website and download the full white papers to get more details on these security trends and 2018 predictions lists. Many of these predictions have longer explanations as to why this will happen (with more data to share.) Be aware that some vendors may require you to register (often for free) to get their full prediction report.

So now we're ready to move on to the best (most complete) security prediction list for 2018, ranked from 1-18 using my vendor-agnostic rating system, along with honorable mention and late-arriving prediction lists.

Detailed Prediction Reports by Source

takes the top prize for again having an impressive, well-rounded set of predictions. The Trend Micro theme is “Are You Ready for Paradigm Shifts,” and here are their top predictions:

In 2018, digital extortion will be at the core of most cybercriminals’ business model and will propel them into other schemes that will get their hands on potentially hefty payouts.

The ransomware business model will still be a cybercrime mainstay in 2018, while other forms of digital extortion will gain more ground.

Cybercriminals will explore new ways to abuse IoT devices for their own gain.

Global losses from Business Email Compromise scams will exceed US$9 billion in 2018.

Cyberpropaganda campaigns will be refined using tried-and-tested techniques from past spam campaigns.

Threat actors will ride on machine learning and blockchain technologies to expand their evasion techniques.

Many companies will take definitive actions on the General Data Protection Regulation (GDPR) only when the first high-profile lawsuit is filed.

Enterprise applications and platforms will be at risk of manipulation and vulnerabilities.

Had another outstanding set of predictions for 2018 on a wide range of topics:

3) — I really like Watchguard’s presentation of predictions again!

In fact, I would say that their online videos and infographics may be my favorite this year. However, their actual predictions seemed rather mainstream and offered no huge surprises. Very solid list though:

Cryptocurrency Crash

Wi-Fi Hacking

Increased Adoption of Corporate Cyber Insurance

IoT Botnets Force New Regulations

Linux Attacks Will Double

Multi-factor Authentication

Hack Election Machines

4) — McAfee forecasts developments in adversarial machine learning, ransomware, serverless apps, connected home privacy, and privacy of child-generated content.