A Look at Cyber Security Trends for 2014

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://smartdatacollective.com/mike20/225291/look-cyber-security-trends-2014

We’re now more than halfway through 2014, and as with any year, the world
of technology has been rapidly progressing and evolving. This year, there’s
been more discussion than ever about numerous topics such as the benefits
of big data, the Internet of Things, mobile technology, and how to make the
most of cloud computing. There’s plenty of excitement to be had so far and
much more on the way, but in the fast moving technological environment we
now live in, there’s also reason to worry. Security in particular, whether
it’s network security, computer security, or IT security, is foremost on
many business leaders’ minds. To prepare for what the future may hold, it’s
important to look back at some of the recent trends to see the threats and
solutions having the biggest impact on cyber security.

Securing Internet Connections

Perhaps one of the biggest movements to happen in recent months is the
expansion of devices now connected to the internet. While this can be seen
through the adoption of smartphones and tablets all over the world, it also
applies to other everyday objects that now find themselves with web access.
That expansion is only expected to increase over time, with the number of
internet-connected objects predicted to explode from 10 billion today to 50
billion by 2020. Many are using the term the Internet of Things to explain
the phenomenon, and while it opens up innovative new options for making
life easier and more connected, it does lead to a greater attack surface
for attackers to take advantage of. That’s why companies are looking to
make the Internet of Things more secure, but not by simply expanding
traditional security procedures, which would prove ineffective. One method
aims to reduce that amount of attack surface, limiting the possibilities of
an infiltration. The method includes using some basic defensive measures
such as frequent software patching, advanced user identity and network
management, and the elimination of infrastructure dark space. These
strategies can end up reducing attack surface by as much as 70%.

Cloud Security

In the past few years, businesses have begun truly utilizing cloud
computing in new ways. Now more than ever, cloud providers are offering new
services that can help companies be more efficient and productive. But as
businesses move to the cloud, so are attackers. The reason for this is that
withmovement to the cloud, businesses will often send their corporate data
there as well. Cloud security is very much a work in progress, and
attackers have been eager to infiltrate the cloud to steal not just
business data but people’s personal data as well. Attackers may in fact
hold sensitive data for ransom, sort of like blackmail, in order to extract
value of their own from it. Cloud vendors will need to provide stronger
password capabilities and reinforced cloud data access policies to ensure
this doesn’t happen.

Increased Mobile Malware

Nearly everyone has a smartphone these days, and this fact has not gone
unnoticed by attackers. While smartphones are certainly convenient, they
are also frighteningly vulnerable. One study shows 80% of smartphones have
no malware protection at all, which makes them a prime target for
cybercriminals looking to gain access to them. The amount of malware aimed
at iPhones and Android devices is growing exponentially, as is the number
of devices that have been infected. Of particular concern is the increase
in Android malware, but whatever device you use, securing mobile technology
will take time. Improvement are already being made, but it will take time
before they become a common feature on smartphones.

Third Party Security

Cyber security is also being made a much more important priority for third
party organizations. You’ve likely heard of the massive security breach
that hit Target, costing the mega-corporation tens of millions of dollars,
not to mention compromising sensitive information for millions of
customers. The attackers were able to gain access to Target’s systems by
infiltrating a third party organization, which already had access to the
Target network. Breaching the third party made access to the larger
internal system much easier. With this damaging breach, companies are now
working harder than ever to secure their supply chains, with more emphasis
being placed on increasing security for third parties. The process to do
this won’t be easy, but as seen in Target’s case, the alternative is simply
too costly.

Security will never be perfect. Businesses will have to be constantly
vigilant as they search for attackers intending to inflict harm and steal
data. While no security measure can deal with all present and future
threats flawlessly, companies are working hard to make sure cyber security
is ready to meet these challenges. As security improves, businesses and
individuals can rest a little easier knowing their information is protected.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!