From the rise of cloud-based data in the past decade to the more recent surge of personal devices on business networks, vulnerabilities are everywhere.

Today, e-discovery and digital forensics experts work with a variety of corporate and legal businesses and, so, are fortunate to be exposed to many different client systems over the course of their careers. Many InfoSec professionals may be exposed to only a handful of companies, mostly focused within the same industry, e-discovery and digital forensics experts become talented at switching focus between many different technology environments across a variety of industries, within a relatively short period.

Jason Park, certified cyber forensics professional and director of forensic services at BIA, sat down with Inside Counsel to discuss three emerging technologies that are posing some of the biggest security threats.

Home Automation. First, IoT presents interesting challenges for security and will certainly open up new challenges for discovery and forensics. Everyone knows the security risk is substantial. Just as the Target breach from 2014 captured the vulnerability of an HVAC system, so might outside parties break into the software behind your smart door locks or speaker system. But what kind of data can those speakers access?

Virtual Assistants. Secondly, with the rise in popularity of devices like Alexa and Google Home, there comes one interesting question: How much user history data is stored locally on these devices?

Fitness Wearables. Lastly, not the most obvious in terms of technology to be forensically searched, fitness wearables manage a lot of data about the wearer, including location-to-location tracking, time of location, heart rate, even messaging on some. With more people starting to wear monitors on their bodies, wearables could play key roles in future legal cases.

Per Park, in the rush to bring products to market as quickly and inexpensively as possible, much of the necessary security design and testing is incomplete. And manufacturers often use mass production techniques and rely on cheap hardware and outdated operating systems, leaving devices susceptible to cyberattacks.

So, what are the biggest trends in data security for 2018?

“Because human error accounts for 90 percent of cyber claims, and until companies take cybersecurity training seriously, I believe we will continue to see phishing and ransomware attacks be one of the biggest trends,” explained Park. “Hardware and software flaws will also continue to influence the market, especially given the recent announcement of Meltdown and Spectre, two CPU flaws that affect nearly every device we own.”

As IoT devices, devices like home security cameras, door locks and alarm systems that are connected to a network, become more prevalent in industries across the board, Park believes the risk of IoT breaches will continue to rise, as just one misconfigured device can put an entire company's data in jeopardy.

“As we move closer to the reality of autonomous vehicles, it will be interesting to see how internet-connected vehicles are, or could be, exploited,” he said. “Imagine taking your car in for an oil change, only to have a nefarious mechanic upload malware to the car's processor. All your connected communication, like geolocation information, and even physical access to the car and potentially to your garage door opener, could be exploited and sold.”

These days, while newer technologies pose significant security risks, it's some of our oldest technologies that still present the biggest threat. For instance, power plants and chemical processing facilities often use very fragile and sometimes vulnerable systems. Their process controls, which might have a 20- to 30-year life span, simply were not designed with cybersecurity in mind.

Amanda G. Ciccatelli is a Freelance Journalist for Corporate Counsel and InsideCounsel, where she covers intellectual property, legal technology, patent litigation, cybersecurity, innovation and more.