The year is closing with official allegations of Russian hackers and fake Internet news having tipped the most crucial election in a generation.

In 2016, Yahoo admitted it had lost control of not a mere half a billion user accounts in 2014 — but also 1 billion-plus records the prior year — these incidents represent the biggest hackings of a single’s company’s network, as The New York Times explains. In all, during the past 12 months, there were some 3,000 publicly disclosed data breaches that, in total, jeopardized 2.2 billion records, says Digital Trends.

Undoubtedly, the actual number of breaches is far greater, as many companies are reluctant to advertise they’ve been hit. Needless to say, if the United States' largest political organizations (and its biggest corporations) can become cyber-victims, where do small-to-medium businesses and midsize enterprises stand? Well, the best way to prepare for a fight is to do so intelligently, and look at where the most likely vulnerabilities will lay.

Gloomy Outlook For Security Next Year

One of the worst things about the present is what it bodes for the future. So, in large part, 2017 will continue the same alarming trends in security as in 2016 — with ransomware activity growing and cloud vulnerabilities expanding. These were just some of the many observations included in the McAfee Labs 2017 Threats Predictions, released last month. Despite the bad news, there are some reasons for hope: For instance, we're seeing greater coordination in threat intelligence sharing, and collaboration between the physical security and cybersecurity industries is increasing.

Ultimately, explains McAfee, the industry must not just focus on small technical patches: It must also be able to understand the big picture of security, with vendors ensuring security overall will be set on a more stable and stronger axis. As the report states, “Solving these problems requires foundational research, new classes of products, heavy development time and effort, and a sustained focus, often by multiple industry participants working together.”

The Bad News

For your edification, here is a quick snapshot of some of the report’s most prominent prognostications and observations:

  • Cyber criminals will leverage machine learning to optimize their social engineering attacks
  • Hacktivists will take aim at consumer privacy
  • The amount of Web-based fake ad, security warnings, product reviews, and the like will grow — and with that, the public trust in the Internet will correspondingly erode

This last issue isn’t necessarily something that can be repaired just by a few technical fixes. In fact, lack of trust in Web content may be worse than even the biggest virus, and it may start to hobble e-business overall.

Some Glimmers Of Security Hope

On the other hand, McAfee Labs noted that not everything is doom and gloom. In fact:

  • Although ransomware activity will peak by mid-2017, it will then start to wind down
  • Despite existing vulnerabilities in Internet of Things-enabled devices, cyber criminals still haven’t found a way to make hacking these systems demonstrably profitable
  • Law enforcement will work more closely with security vendors to defeat cyber crooks
  • As cloud adoption grows, service providers/vendors will embrace more rigorous and consistent technical and assurance standards

Clearly, plenty remains to be done in the big problem-solving and in the smaller-fixes departments alike. But in the meantime, as a midsized enterprise IT professional, you can also see where these trends put your organization, and take steps to protect your assets and network.