More than $2.5 trillion in mergers were announced in the first half of 2018—a new record. Ranked by value of the deal, energy and power deals led, followed by media and entertainment, with healthcare and industrials close behind. Industries are converging and organizations are using acquisitions, divestitures, and other forms of asset remix to reposition their businesses. For example, there are numerous mergers among pharmaceutical, life sciences, and biotech companies as they seek to gain traction in a highly fragmented market. EY predicts that the total value of life sciences M&A will surpass $200 billion in 2018. According to Deloitte, technology acquisition is the primary driver of M&A pursuits, ahead of expanding customer bases in existing markets, and adding products or services.
At a recent industry event, I got to chatting with the CISO of a major children’s hospital. Over a beer, he shared with me the challenges he faces daily. Our far-reaching conversation covered nation-state actors enticing students to exfiltrate clinical trial test results, to his search for a secure USB port cover for patient-facing devices. Maybe it was the beer, but as he described his tribulations, each to me worse than the next, his enthusiasm and energy grew. Every so often he stopped to shake his head in disbelief at his own story as if to say, “Even I can’t believe how bad this is…”
What a difference a year makes.
In 2018, we find deception platforms listed with a “High” Benefits Rating in Gartner’s Hype Cycle for Threat-Facing Technologies, 2018.
It goes without saying that digital transformation—the reengineering of core business processes leveraging digital technology—dramatically increases cyber risk for most organizations. It usually results in greater avenues of connectivity, collection of richer data from more sources, use of cloud services, extension of trust to more people and entities, and incorporation of smart devices in one form or another.
ATMs are literally boxes of cash—too good for criminals of any stripe to pass up. When ATMs first emerged, thieves used brute-force tools like crowbars, explosives, and propane torches to remove the ATM machine itself or get at the cash inside. As recently as April, three men were charged in Salt Lake City, UT, for trying to blow up ATMs and steal the cash.
As we survey the threat landscape, two things are certain—targeted attacks and advanced persistent threats (APTs) are here to stay, and organizations face increased risk from advanced attacks compared to the past two years. Several existing trends will continue, and we’re seeing attackers refine their tools in ways that will drive new trends in the coming months.