2013 was another eventful year in the brief history of cyberspace - with more online holiday shopping, more spear-phishing, some big technology successes, a few government project failures and more virtual surprises than ever before.
But the biggest cyber news from 2013, and a story that will be told for decades, is the tale of Edward Snowden. While many do not support his actions, the ramifications from his disclosures have changed the global debate regarding online privacy, insider threats, cloud computing and the role of government surveillance in cyberspace. Some supporters even call him the person of the year.
No doubt, this story will continue to unfold in 2014, with Snowden spending this Christmas hiding from US authorities in Russia. He continues to make headlines by releasing new NSA information and threatening to unveil even more secrets. So much so that some U.S. government leaders want to grant Snowden amnesty to come home if he stops leaking.
Quick Recap
The year started with industry-wide predictions of more mobile malware, hacking-as-a-service and especially ransomware. The ransomware predictions turned out to be accurate with cryptolocker ransomware stories becoming a major issue in 2013. For example, this article describes the psychological impact of getting the notice that your data is being held hostage.
There were early hopes for a national doctrine on cybersecurity and possibly even federal legislation. But what we did get was the importance of critical infrastructure protection showing up for the first time in the President’s State of the Union Address, along with an Executive Order on protecting cyber assets. A timeline was laid out for the new NIST Cybersecurity Framework, and progress has been made on that front all year.
The RSA Conference was bigger than ever in 2013, with several takeaways. One focus was the role of big data, and another was an overall sense that cybersecurity is hotter than ever.
We kept hearing more and more about wearable technology in 2013, with pictures and reports of the special few that were seen using products such as Google Glass. The privacy implications and restrictions will be an interesting theme in 2014 as some governments consider whether to bar driving while wearing virtual-reality glasses.
Hacks of the Twitter feeds for the AP and others, along with numerous big website hacks, continued throughout the year. Most experts think these hacking headlines will not slow down in 2014.
The Boston bombing was a major story, along with the many implications in cyberspace.
In government, the growing importance of FIRSTNET for dealing with emergencies started to emerge in several ways. Also, cyber training and awareness education for technical staff and end users was a constant theme.
The National Governors Association launched a Call to Action on Cybersecurity this fall, and several events signaled the shift to local attention on this matter. There was also a new focus on working across public/private lines in the event of cyber emergencies.
2013 Trends
There were a few trends that gained steam in 2013. These include Bring Your Own Device (BYOD) to work and mobile apps proliferation – with free downloads taking the biggest piece of the pie.
The other major tech trends involving big data and cloud computing may have slowed a bit – with the Snowden story causing some to rethink some aspects of their strategy. The Snowden leaks also slowed cybersecurity legislation.
Most analysts believe the Snowden story cost US cloud providers billions of dollars overseas. But the overall cybersecurity market is growing rapidly. Here’s one example:
“According to a report by Gartner, Inc, a technology research company, the worldwide security technology and services market is forecast to reach $67.2 billion (Dh246.6 billion) in 2013, up 8.7 per cent from $61.8 billion in 2012. The market is expected to grow to more than $86 billion in 2016. McAfee’s in July reported that US companies where losing an estimated $100 billion annually due to cybercrime.”
At the Michigan Cyber Summit in October 2013, Richard Stiennon suggested that the cybersecurity industry will grow tenfold in ten years. Indeed, new sub-industries are being born within cybersecurity that focus on topics such as incident response and new ways to secure critical infrastructure.
2013 Wrap-up
As we head into 2014, we face an explosion of new social media and other online services that are transforming society in new ways. It’s hard to believe that Facebook is still not 10 years old.
Trying to predict the next big cyber event like the Snowden leaks or a major “Cyber Pearl Harbor” is almost impossible. And yet, it would be wise to heed the words of the outgoing Secretary of Homeland Security Janet Napolitano, who may end up of having the cybersecurity quote of the year when we look back several years from now. The Department of Homeland Security's former director said:
“Our country will, for example, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society.
While we have built systems, protections and a framework to identify attacks and intrusions, share information with the private sector and across the government, and develop plans and capabilities to mitigate the damage, more must be done, and must be done quickly.”
Only time will tell, but I suspect the former Secretary is right.