Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Learning lessons from 2014 threats for a secure new year

Bloxx : 08 January, 2015  (Special Report)
2015, when companies will realise they arenít 100% secure, and consumers will begin to take care of their own security business
Learning lessons from 2014 threats for a secure new year

It’s the season of festive treats and over-indulging in food, but also the period where industries assess what has occurred in the last 12 months, and begin to plan for the coming year. This is especially important for the security industry this year; from breaches and hacks of companies such as Target and Sony, through to the menacing exploits found at the heart of the internet, security has been in many of 2014’s headlines. Here, Charles Sweeney, CEO, Bloxx runs through his predictions for security’s 2015, and how the issues of 2014 will be used as lessons.

The year of exploitation

During the last 12 months, there have been several high profile – and not to mention dangerous – exploits discovered. Issues such as Heartbleed and POODLE have highlighted fundamental flaws at the very heart of the internet. They were not hacker-created, but instead were uncovered at the very core of the internet by researchers and exploited almost as quickly by the hackers, with the Mumsnet Heartbleed breach a key example. These have exposed many security strategies and forced vendors to revaluate the way in which they use technologies such as SSL. In 2015, further vulnerabilities will be found, and it seems we are going to see more of these weaponise-or-neutralise cyber races. Patches, like the type issued by Microsoft for Windows recently, indicate that companies are continuing to actively hunt for these exploits and attempt to reach them before anybody else.

Consumers to take control of their security

2014 also saw more traditional breaches than ever before. The most worrying aspect of these seems to be the responses coming from the brands themselves, with a sense of nonchalance about data loss, despite it being their vulnerabilities that have led to customer data being exposed. 2015 looks to be the year where consumers will realise that to protect their own online data and identity, they can only trust themselves. Consumer-facing security services such as meandmyid, which allows consumers to use custom email addresses for anything that they sign up to and alerts them where data loss may have occurred, will see a sharp uptake amongst the data-savvy.

Companies will realise they are always at risk

If 2014 has demonstrated anything, it is that it’s just not possible to be 100% secure 100% of the time. With businesses operating in an increasingly app-centric world, this has led to a sharp increase in the number of threat vectors. Yet despite this, to date, security has remained an add-on. It’s a frequent point in the security industry that companies need flexible, responsive security protocols, as cyber criminals are constantly sourcing new ways to infiltrate them. There is a pressing need to ensure that each app is self-aware and self-protecting. Subsequently, rather than being a late stage addition, in 2015 security will be built directly into apps to ensure that they remain watertight.

MSSP to become a core approach for security

As businesses traverse the ever-expanding minefield of exploits and hacks, could 2015 be the year of a Managed Security Service Provider approach? An MSSP implementation of security has been mooted for the last couple of years but in recent months it has really started to gather pace. Historically, enterprises feel more comfortable keeping their security strategies, tactics and deployments in house, however this often coincides with a lack of resources and knowledge. If the necessary skills or available time for a successful security approach isn’t available, this can leave the company wide open to a hack; a consistent, skilled ability to identify and mitigate risk is vital for security protection. By using an MSSP provider, companies can focus on their own areas of expertise, safe in the knowledge that a trained security professional can shoulder the security burden. 2015 looks to be the year where this approach will prove pivotal in keeping pace with hackers actively searching for ways to exploit businesses.

Wearable data will need careful consideration

Hackers are keenly aware that the more consumers buy into personal clouds, the greater amount of data is online and within hackable reach. Flurry reported a massive rise in the usage of health and fitness apps; a snapshot of the wholesale adoption of these apps and wearable devices that occurred in 2014. Major brands are now pushing these products and investing in the technology behind them, and there is no sign that the user base for wearables and health apps is going to decline any time soon. However, users need to be aware of the security risks that can arise from the use of these technologies. There were terrible instances of celebrity photos being hacked and distributed this year, but imagine if along with these, health readouts and medical information were also stolen. This is a very real scenario in 2015, with incredibly personal information being hacked not just from celebrities, but anyone that uses health apps and stores data online. Although the data may not seem as initially alarming as, for example, having your card details breached, the implications can be just as dangerous and the information gleaned from it extensive.

It’s easy to say that 2014 was a particularly trying year for the security industry. But looking ahead to 2015, it appears that lessons learnt will translate into a more dynamic and proactive implementation of security measures. There is now a fundamental understanding of online security from consumers that initially did not pay much attention to the sector, and businesses that took it for granted. While keeping a keen eye on wearables and exploits, 2015 looks to try and combat the problems of the previous year, and ensure that companies and individuals are better protected than ever. By prioritising security at the heart of operations and not simply viewing it as a box that can be ticked and left to deal with the increasing array of dangers, consumers and businesses alike will look to take a more active approach to protecting themselves than ever before.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   ¬© 2012 ProSecurityZone.com
Netgains Logo