As natural philosopher and onetime baseball catcher Yogi Berra reportedly said: "It's tough to make predictions, especially about the future."
But that doesn't mean people and organizations don't try -- for good reason. In the world of business, correctly seeing the future even a few months out can provide a leg up on the competition or, in the case of cybersecurity, on ever-present attackers. A missed guess can leave one scrambling to catch up.
So, herewith are some predictions for 2015 on security from research firms Gartner and Forrester Research, and from Arthur W. Coviello Jr., executive chairman of RSA.
Nation states vs. private sector
(Coviello) Nation-state cyber-attacks will continue to evolve and accelerate but the damage will be increasingly borne by the private sector.
"With no one actively working on the development of acceptable norms of digital behavior ... we can expect this covert digital warfare to continue," Coviello said. And it will increasingly be private sector firms that will be, "the intended victim or the unwitting pawn in an attack on other companies."
The rise of integrated threat intelligence
(Gartner) Internet of Things (IoT) device revenue growth of almost 30% will create new vulnerabilities and security demands relating to both physical and digital environments. The expected convergence of IoT security and information security technologies, along with increased regulatory activity directed at protecting critical infrastructure, will drive demand for integrated threat intelligence capabilities, including IoT-related threat data feeds.
More money, much more scrutiny
(Forrester) Security budgets will see double-digit growth in sectors outside of banking and the defense industrial base.
The downside to those increases will be an enormous amount of scrutiny and much higher expectations, not just from business leaders and counterparts in technology management, but also from customers, government agencies, and privacy watchdog groups.
The quest for a uniform threat language
(Gartner) The drive toward a common framework adopting a uniform language, such as Structured Threat Information Expression, will accelerate as a result of the complexity and challenges brought by the need to integrate IoT security data inputs for indicator of compromise (IOC) detection.
(Coviello) A maturing privacy debate will become more pragmatic and balanced. Prospects for responsible privacy policies and intelligence sharing legislation that would better protect our privacy may improve. One test of this prediction will be the outcome of the EU General Data Protection Regulation, which may reach a final form in 2015.
More billions of things, more billions of risks
(Gartner) 4.9 billion connected things will be in use in 2015, up 30% from 2014, creating disruption, continued opportunities and continued risk.
"Organizations must straddle the tension of all the information available from smart things by balancing their desire to collect and analyze it with the risk of its loss or misuse," according to Steve Prentice, vice president and Gartner Fellow.
Sign up for CIO Asia eNewsletters.