High profile data breaches have grabbed headlines around the world during the last two years. We saw lapses in security and data loss at an unprecedented scale – across industries and continents. As technology continues to evolve rapidly and drive businesses success, IT must gear up for new cybersecurity challenges that will present themselves at an ever faster pace. These professionals need to come to terms with the fact that cloud will be at the centre of this evolution,
Here are 3 notable security trends you shouldn’t ignore:
1. Dark side of the cloud: Keeping our data safe from thieves
The adoption of cloud is inevitable for organisations large or small, the only difference will be the extent to which businesses make use of the cloud. From full migration to Office 365 and Salesforce, to simply using infrastructure like of Dropbox for file sharing, matured cloud service providers now have great appeal to your modern enterprise. As more organisations move to store customer, employee, and intellectual data in the cloud, villains will undoubtedly attempt to access said data.
We can expect to see an increase in cloud services breaches. Hackers will use false credentials to use cloud services as a major attack vector. Social engineering tactics will focus on mimicking cloud login screens to gain credentials. New technologies like Cloud Access Security Brokers (CASB) will become increasingly important in helping organisations that rely on cloud service providers maintain control of security operations.
2. Beware the ransomware
Ransomware is a rising security concern amongst Asian companies, and the use of Ransomware will likely escalate in 2016. Ransomware is a type of malware that restricts computer usage until the user pays a ‘ransom’ or sum of money. Ransomware incidents are not only disruptive, some cost companies hundreds of thousands of dollars as they attempt to ‘redeem’ their systems. CIOs are increasingly looking to forensic services and technology to safeguard against the use of ransomware that could potentially affect high profile systems.
Mobile devices such as smartphones and tablets are low hanging fruits for those employing ransomware today. Criminals target individuals as well as organisations that have yet to secure sensitive data that could range from images, to source codes and manuscripts. The newly-discovered Linux.Encoder ransomware, which has already compromised 2,000 websites, is one example of how ransomware continues to evolve.
3. What? My car is connected to the cloud?
The new rule for the future is going to be ‘anything that can be connected, will be connected’. Technology we own today including mobile devices, televisions, automobiles are already linked. Some of these connected ‘Internet of Things’ (IoT) devices will inevitably invite access to sensitive information – personal and organisational. The nascent, unsupervised, and unsecured nature of IoT makes this data a potential target for control and manipulation.
A study by Straits Interactive and Appknox in November 2015 reported that 90% of mobile apps could be in breach of Singapore’s privacy law when it comes to collection and usage of consumer data. Many IoT devices today lack significant memory or operating system capabilities, limiting the ability to secure them.
Malware targeting IoT devices has not yet become prevalent as high value data currently simply isn’t stored in them. As IoT continues to mature, we will absolutely begin to see more advanced attacks in 2016 and beyond.
Your organisation can avoid becoming an easy target by maintaining solid security practices, keeping up with security trends and advanced technology.
Have a cyber-safe 2016.