2017-DP-ReportBakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be publishing our 2017 Report on April 13, 2017, containing statistics and insights from the 450+ incidents we led clients through in 2016. We think companies can use our report as a “crowdsourced” tool for identifying risks/threats, response metrics and risk mitigation investment priorities. As a preview to the release of our 2017 Report, we thought it would be helpful to provide a similar crowdsourced summary of the 2017 cybersecurity predictions from Mandiant, Stroz Friedberg, Crypsis, Kroll, Protiviti, Wombat and TrendMicro to see what commonalities and trends exist. It didn’t take long to determine that nearly everyone identified ransomware, social engineering and the internet of things (IoT) as high on the list of cybersecurity risks for 2017.


Ransomware typically takes the form of software that surreptitiously encrypts vital data on your computer system and demands payment in exchange for the decryption key so you can get your data back. If you don’t pay the ransom, you lose your data. The amount of ransom varies from a few hundred dollars to several thousand. In the past, threat actors would write their own ransomware code. However, given ransomware’s track record of effectiveness, threat actors incapable of coding the software themselves can simply buy “plug and play” ransomware through an illicit market.

Social Engineering

Tricking people is as old as … well, people, and the cybersecurity world is not immune to the practice. It’s a reality that the Achilles’ heel of cybersecurity is the human element. Technological defenses go only so far. The alarm system on your house could be impenetrable, but not if you give away the passcode. Trickery in the cybersecurity world is generally called “social engineering.” Social engineering uses deception to trick people into disclosing personal information so that it can be used for fraudulent purposes. Phishing is a ubiquitous social engineering practice that typically takes the form of an email disguised to look legitimate (sometimes appearing to come from a co-worker or boss) and attempts to get the victim to disclose personal information. Phishing attacks are only getting more sophisticated. For example, phishers are now using social media to gather information to help them lure victims into disclosing personal information.

Internet of Things

The internet used to be a network of just computers. That network has rapidly grown to include phones, DVRs, cars, refrigerators, washing machines, lights, home security systems and even pet-feeding systems. This new network of nontraditional computer “things” is called the internet of things.

IoT is becoming an important and integral part of our lives, and its security is a top concern. Many problems stem from eager device manufacturers rushing to deploy convenient products to meet rapid consumer demand without taking the time to make security a priority. Soon, almost everyone will have dozens of things connected to the internet. To make matters even more complicated, these additional things are usually connected to the internet 24 hours a day and therefore are always vulnerable. History has already shown that cars and even medical devices can be hacked.