Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry. We value your feedback. Once you’ve read this week’s insights, please email me here and tell me what you think. See something you’d like to discuss further? Join the conversation in our Tanium User Community.
The Tanium 10 for the week ending December 29, 2017:
- Show us the money. A Spiceworks survey of more than 2,000 IT professionals in the U.S. and Europe reveals nearly a third (32%) of respondents plan to move to a new employer in the year ahead. More than half of respondents (51%) expect a raise from their current employer, and 21% said they expect a promotion in the next 12 months. How do your career plans compare?
- Damages from ransomware attacks exceeded $5 billion in 2017, a 15X increase in only two years.
- Every 39 seconds a computer is attacked by hackers somewhere in the world, according to researchers at the University of Maryland. The study’s director, Michel Cukier, says, “most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities.”
- Mama always said there was money in sales. While security engineers can command annual salaries of $110,000 – $150,000, and cloud security engineers/architects can fetch $160,000 – $190,00 a year, recruiter Veronica Mollica says the real money is in sales. By her estimates, sales engineer roles command an annual salary of $180,000 – $220,000.
- The year’s Top 10 hacks included Equifax, WannaCry, NotPetya, Bad Rabbit, and the DeepRoot voter records breach, according to CNN Money. New revelations about the scope of older hacks, like the 2013 Yahoo breach, also made the Top 10 list this year.
- Gartner predicts by 2020, organizations will more than triple the amount they’re spending on artificial intelligence-based solutions for cybersecurity. For example, the research firm says 10% of pen tests will be done by smart machines.
- Shameless Tanium plug, year-end edition: In his latest blog post, our CSO David Damato shares the three trends he believes most influenced IT ops and cybersecurity in 2017.
- What about the budgets? When market research firm Computer Economicssurveyed 202 IT execs in the United States and Canada in May, it found 65% of them planned to increase IT operational spending in 2017. The 2018 SIM IT Trends study finds IT budgets in the U.S. increased 23% in 2017 to $107 million from $86.6 million in 2016. The SIM study is based on 1,178 survey responses from IT leaders.
- Smartphones are targets, too. Lest we forget, this year brought us several examples, including KRACK (Key Reinstallation Attacks), discovered by researchers Mathy Vanhoef and Frank Piessens, at Belgian University KU Leuven. KRACK targets the WPA2 protocol used to secure WiFi traffic. There was BlueBorne, which imperiled billions of Bluetooth devices. And then we heard about Broadpwn, a flaw in iOS and Android devices which could have allowed for a massive WiFi malware attack, were it not for Exodus Intelligenceresearcher Nitay Artenstein, who discovered it before bad guys did.
- Cybersecurity threats are one of the top 5 issues corporate boards of directors must address, according to the National Association of Corporate Directors(NACD). The organization’s 2017-2018 Public Company Governance Survey of 587 corporate directors reveals only 37% of respondents feel confident or very confident that their company is properly secured against a cyberattack.
And another thing…
After analyzing data from 5 million passwords leaked this year, Splashdata reveals its list of the 10 worst passwords of 2017. Topping the list, again, is everyone’s favorite: 123456, joined by these, er, “unique” newcomers: 123456789, letmein, and iloveyou. Will we ever learn?
Like what you see? Click here and sign up to receive The Tanium 10 in your inbox every Friday.