2014 is around the corner, and every organization is gearing up to face all the new types of threats, malware attacks, other cyber-crimes including data loss and identity theft which are getting more advanced and difficult to tackle. Let’s take a dive into what the industry experts are saying about the emergence of new threats, the advent of new IT security technology to combat the threats and novel ways to keep the corporate network and IT infrastructure secure and protected.
The statistics, trends and information furnished below is the industry perspective as analyzed by information security organizations, individual security practitioners and market research institutions, and will give you a fair idea of what the IT teams can expect in 2014.
Threats Expected to be on the Rise
- Social engineering attacks will increase significantly in 2014 given the fact that people are becoming more careless in safeguarding their Internet account passwords
- Mobile malware will get more advanced and difficult to find – especially malware attacking Android OS
- Novel threats like ransomware (already rampant in Europe), water-holing and spear-phishing will find more victims
- There will be a surge in cyber-espionage including government agencies
- Vulnerabilities from unsupported software will be challenging to address. For e.g., Microsoft is going to end support for Windows XP as of April 8th, 2014, and Oracle has already stopped releasing patches for Java 6 since Feb, 2013.
- Cloud APIs expected to open up more vulnerabilities
- In its 2014 security predictions report Trend Micro stated that one major data breach will occur every month next year, and advanced mobile banking and targeted attacks will accelerate
Security Trends to Look Out For
- Big data security will get more attention, the larger secure data is stored, the requirement for more security technology such as security information and event management.
- Mobile data security, due to BYOD explosion, will be a major concern for IT security teams – which includes BYOD management, mobile malware, and data loss from employee-owned devices.
- FireEye analyzes and predicts that detecting advanced malware will take even longer in 2014 than it does now. Currently, on an average industry scale, detecting a breach can take 80 to 100 days, and remediating it can take 120 to 150 days.
- By 2015, Gartner predicts that the demand for greater security intelligence sharing for context-aware systems will form a marketplace for brokering security data.
- Data privacy paranoia will definitely grapple you. A recent survey conducted by Carnegie Mellon University reported that 86% of internet users have taken steps online to remove or mask their digital footprints—ranging from clearing cookies to encrypting their email.
- Internet of Things (IoT) will become more hacker-friendly and security challenges will be on the rise as there will be more devices to protect.
- Multi-factor data authentication and password protection will be a common trend among social media users to protect their credentials from hackers.
- Microsoft forecasts that there will in an increase in cyber-crime related to the FIFA World Cup 2014 where hackers will be looking for illegal ways to make money and take advantage of the excitement surrounding the World Cup.
- Key and certificate management is expected to become more popular based this article on Forbes. This has traditionally been a cumbersome process. 2014 will open up the opportunity for enterprises to adopt certificate discovery and management tools for IT security.
IT Security Spend Forecast for 2014
- ITC Government Insights predicts that overall IT security spending will rise from $5.9 billion in 2012 to over $7.3 billion in 2017. And in 2014, IT security spending by the Federal Government is expected to top $6.1 billion.
- According to new research by Tech Pro Research, 41 percent of IT managers say they will put more money into IT security in the New Year.
The threat landscape is definitely expanding adding more sophisticated and difficult-to-detect threat vectors each day. We need to be prepared for a year of IT boom in 2014, and with it, many the security exploits and cybercrimes to deal with. Here’s to 2014: a year of intelligent IT investment and security planning!