Key information security trends in 2015

Key information security trends in 2015

This post is also available in: heעברית (Hebrew)

3 Information Security TrendsCybercriminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2015, information security professionals must understand these 3 key trends.

Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association, told cio.com he foresees 3 security trends that will dominate the year.

1. Cybercrime

Today’s cybercriminals primarily operate out of the former Soviet states. They are highly skilled and equipped with very modern tools. Durbin notes they often use 21st century tools to take on 20th century systems.

“In 2015, organizations must be prepared for the unpredictable so they have the resilience to withstand unforeseen, high impact events,” he adds. “Cybercrime, along with the increase in online causes (hacktivism), the increase in cost of compliance to deal with the uptick in regulatory requirements coupled with the relentless advances in technology against a backdrop of under investment in security departments, can all combine to cause the perfect threat storm. Organizations must invest in resilience to minimize the impact of the unforeseen.”

Register to iHLS Israel Homeland Security

2. Privacy and Regulation

Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of Personally Identifiable Information (PII), with penalties for organizations that fail to sufficiently protect it. As a result, Durbin notes, organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions and business costs such as reputational damage and loss of customers due to privacy breaches.

3. Threats from third-party providers

Supply chains are a vital component of every organization’s global business operations and the backbone of today’s global economy. However, Durbin says, security chiefs everywhere are growing more concerned about how open they are to numerous risk factors. A range of valuable and sensitive information is often shared with suppliers, and when that information is shared, direct control is lost. This leads to an increased risk of its confidentiality, integrity or availability being compromised.

“Over the next year, third-party providers will continue to come under pressure from targeted attacks and are unlikely to be able to provide assurance of data confidentiality, integrity and/or availability,” Durbin says. “Organizations of all sizes need to think about the consequences of a supplier providing accidental, but harmful, access to their intellectual property, customer or employee information, commercial plans or negotiations.”