As 2013 draws to a close, it is only natural that we start to look to the year ahead and what developments it might bring. Charles Sweeney, CEO, Bloxx outlines five trends he thinks will dominate the security agenda in 2014:
Snowden's revelations about NSA and the alleged extent to which corporations such as Microsoft have supposedly complied have reverberated around the world. Not only are diplomatic international relations at an all time low, but so is trust in the 'big machine.' In a bid to reassure enterprises and consumers alike both Yahoo and Google have announced measures to help them defeat NSA surveillance. Companies spend millions of pounds each year securing themselves from hackers, online criminals and the unknown, but little did they realise that potentially they were being spied on from within.
What will be interesting in 2014 is whether these revelations will impact how companies communicate, via what channels, whether they start to question larger vendors about their relationships with national security programmes and if we'll see spend on encryption rise next year.
2 Shining a light on the dark web
How do you keep track of the rise of the Internet? 97 new websites are added every minute and last year 51 million websites joined the online community. By 2017 every three minutes the amount of data equivalent to every single movie ever made will cross the Internet. Mind boggling. So it's therefore no surprise that the number of indexed pages has seen an impressive 50 per cent growth since 2008.
But it's just the surface web that can be indexed by search engines - the deep web cannot. And this is a big problem because the deep web is 500 times the size of the surface web. The deep web is the dark side of the Internet where fraud, unauthorised leaks of information, copyright infringement and child abuse images are hidden. The dark web might be a formidable opponent, but in 2014 corporates, organisations and Governments will become more committed to shining a light into the darker side of the web and will invest to make it more transparent.
3 Will 2014 be the year the desktop finally dies?
You might be thinking that this is a bit of an old one, after all we all know that PC sales are in decline and that tablets and smartphones is where it's at. But whilst the desktop might be dying andBYOD (or CYOD, select the acronym of you choice) might be on the rise, mobility brings with it some serious questions. After all it's a lot harder to steal a desktop then it is to pinch someone's tablet. There has been much talk about how companies need to secure mobile devices but less chatter about what this transition actually means for security. The two are very different.
Data leakage is a serious issue and according to the Information Commissioner’s Office the majority of sensitive data finds itself into the wrong hands the good old fashioned way; i.e. a council sold some laptops and forgot to wipe the hard drive. How much more prolific - and unmanageable - is that problem when it is exacerbated acrosstablets, smartphones and other connected devices? As the desktop continues to die out in 2014, many organisations may well find themselves lacking the 360-degree view they need to ensure that there aren't any security blind spots in their network.
Compliance is monolithic monster that just seems to get bigger and bigger each year. Whereas previously organisations could pay a certain amount of lip service to regulations, austerity has bought with it a renewed focus on corporate governance and whether you are in the public sector of the financial services industry, you can be sure regulators are becoming more fastidious. The problem is that in the past companies have either been compliant or secure, but continued tough market conditions and an increasingly sophisticated attacksmean that in 2014 they'll need to be both.
5 Has security stopped innovating?
It would be easy to think that as one big brand after another has its customers details or other sensitive information stolen, that the security industry is destined to be forever one step behind the hackers. But this isn't the case at all. 2013 saw a lot of interesting start up activity in the security space and I believe that will continue into 2014. Smaller companies often bring with them fresh approaches to established problems. Whilst the larger vendors might have the big research and development budgets, they don't have the agility to move quickly in order to integrate new technologies or the boldness to deploy them in different ways.
In 2014, I think the smaller companies will steal a march on the larger vendors as their innovations catch the eye of big enterprises and public sector organisations who cannot deny they need a fresh - and more cost effective approach.