“There is no clouding the fact that security threats are increasing. Hackers are becoming more advanced in their techniques and with more devices being connected than ever before, it is becoming easier to spread malicious software. The situation is only going to get worse, as companies run from fire to fire, securing whatever is most important right now.”
“Hackers keep changing their tactics. Threats have evolved from drive-by-downloads posing as critical software to the more serious situation of ransomware attacks – like CryptoWall and CryptoLocker. In 2015, we could easily see this threat going one more level to extortion, where you have to continue to pay to protect your data – your IP.
“However, currently security systems are disparate and siloed, addressing narrow aspects of security and leaving gaping holes that must be addressed with different solutions from different vendors. This approach will change as businesses realise they have to take a holistic attitude to security, using integrated and consolidated platforms that protect the full IT spectrum – from endpoint through the network and from the internal end user through the remote employee and out to partners and customers.
“Mobile devices and cloud environments, especially as the consumption of these services becomes a dependency, will be an area we need to continue to look at in 2015. Businesses really need to focus on how the cyber-criminal will take advantage of those two environments and is where vendors will need to spend some time on.”
“We believe security is based on simplicity, efficiency, and connectivity that tie together the splintered aspects of IT security into one, integrated solution, capable of sharing insights across the organisation. This can radically change the culture of compliance within organisations and strengthen the overall security posture, allowing easier adoption of disruptive technologies – like cloud and mobile – so organisations can refocus on doing what they do best”
Other predictions include:
1. A Shift in Accountability: If you think about who is accountable for security (the line-of business) and who normally is charged with implementing and enforcing security (IT) there’s a big gap. As security continues to become more of a C-Suite priority, organizational structures and security technologies will shift to bridge that gap, putting the line-of-business in control of deciding what should be secured, why, and how and giving them the tools to enforce without having to run to IT for every request.
2. Emergence of Smart Home and Connected Car breaches: The technology curve for connected homes and cars is far outpacing the evolution of security for these devices. As this technology passes the tipping point into mainstream adoption, cybercriminals will shift their attention to exploit its inherent security vulnerabilities and gain access to valuable data.
3. A rise in SSL encrypted file attacks: After the highly publicized SSL vulnerabilities disclosed in 2014, expect hackers to put a closer eye to its code and discover new flaws and attack methods. It’s likely that many of these flaws will be distributed in the underground market and used to compromise encrypted files.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.