Friday, June 3, 2016

Trends of cybersecurity

Five major trends in cybersecurity that you should have in mind when creating your Information Security road map for 2016.

Cloud services

Whether you accept it or are still confused by it, the cloud is a great tool for increasing collaboration and having access to your data on the go. The industry is expected to grow by at least 18.4% next year, with some cloud companies being valued at more than $160 billion. By 2020, 4.6 billion cloud users are expected. No wonder cloud data is on the radar of hackers.

On top of that, the cloud has the following issues:

1. Cloud policies are not clear.
2. Huge amounts of data flowing around, protected by minimal encryption.
3. International hosting location and legislation not clear.
4. No standard/guideline for scrutiny of cloud vendors.
5. Different security standards?

Ransomware

The year 2016 is shaping up to become "The Year Of Ransomware". The impact of ransomware is growing. According to the Cyber Threat Alliance, the recent CryptoWall v3 threat has cost hundreds of thousands of users worldwide more than $325 million so far. Ransomware attacks and encrypts important files, rendering data inaccessible until you pay the ransom.

According to McAfee, ransomware grew more than 165% in 2015. The year 2016 is very critical; individuals and businesses can get rid of this problem easily if they take backups regularly. With a bit of forethought, better education and real-time security protection, ransomware can be cut down to size.

Spear phishing

Spear-phishing emails often result in drive-by downloads, a silent malware download that takes place in the background without the user’s knowledge. Drive-by downloads are enabled by vulnerabilities in user applications like browsers or browser plug-ins, Java applications, Adobe Acrobat and others. Exploiting unpatched or unknown zero-day vulnerabilities, attackers can download malware to the user’s machine while the user remains unaware of the download. The attacker can then use a compromised device to gain access to the corporate network, steal intellectual property and compromise operational systems and/or financial assets. Spear phishing targeting of high-level executives or anyone with a high security clearance is on the rise. If cybercriminals can hack a CEO’s account, for example, they can use it to wreak havoc and expose a lot of sensitive data.

Educating potential targets about the dangers is not enough. You need a combination of real-time monitoring and scanning systems, with protective blocking capabilities. Laying down a security policy/framework and employee education is all you need.

Open Source (Known vulnerabilities)

Open source adoption is very common in many companies, for cost savings per se, and many off-the-shelf open source software packages are very popular. Integrating this software will often make more business sense than developing something in-house, but you have to keep vulnerabilities in mind. Publicly known vulnerabilities are one of the biggest threats for information security departments.

HP’s 2015 Cyber Risk Report found that 44% of 2014 breaches came from vulnerabilities, so you can see the problem. Software must be patched regularly, and maintenance is required to avoid common configurations that offer attackers an easy way in.

The Internet of Things

The main problem is that because the idea of networking appliances and other objects is relatively new, security has not always been considered in product design. IoT products are often sold with old and unpatched embedded operating systems and software. Mobile and wearable devices in the workplace are now part of life, each offering a new potential inroad for a cybercriminal. As connectivity spreads into every corner of our lives and businesses, it becomes more and more challenging to maintain a clear view of entry points and data flow.

The IoT may herald some exciting business opportunities, but we must take care to ensure that access is limited and secure. Sensitive data should be encrypted, and access must be restricted. It’s important to be able to manage and block access to enterprise devices and networks when necessary.


How is the world responding?

1. Spending on IT security will reach $101 billion globally by 2018.
2. Cyber safety training will also become more popular. No wonder cyber safety will soon be run in the form of a "fire safety drill" in corporations.
3. Governments will begin to introduce mandatory data breach reporting and other IT security legislation.
