2014 was a memorable year for cyber attacks, and we likely have a lot to look forward to in the next year. Here are some predictions to worry about, and to act on where warranted:
- Better tools being misused/unused: There is a lot of great development going on around the world, with a massive number of new tools being offered up by product vendors and service providers. Companies are snapping them up. The problem is that the same overworked, under-trained staff are trying to incorporate them into hodge-podge IT environments that have developed over decades. Done poorly, that is a recipe for disaster. Done slowly, the tools may still be sitting on the shelf when you are cleaned out.
- More common-sense approaches: In the recent Sony breach, it was reported that as much as 100TB of data was purloined by the hackers. Someone doing some simple checks should have noticed this type of movement. Think through the basics first! My prediction is that boards will wake up and, in taking a more active role, think through some of the changes that can happen only by mandate from the top.
- Combined attacks increase: Couple a motivated insider with an outsider willing to pay and supplement their efforts, and you have a first-class entry point into the systems. The insider may have come and gone but left doors and windows open for later attacks. Who is watching the watchers? My prediction is a lot more auditing of IT personnel’s actions by outside partners.
- If attacks don’t kill the cloud, the cloud will prevail: One thing cloud implementations do is leave a lot of the old, vulnerable equipment and systems in the existing data center. This alone helps with overall security, reducing the number of moving pieces. The cloud providers have a very good focus on the issues, and immense liability to their customers if they make huge mistakes. My prediction is the cloud will become the safer and preferred environment.
- Fragmented legislation/enforcement: Cyber is a global problem, yet there are few global efforts taking place from a policy and control standpoint. Law enforcement cannot easily deal with border-crossing attackers, and every country is thinking internally rather than about how we move to a structure that can keep the internet open and useful without it becoming a delivery highway for the bad guys. My prediction is that it will take a major catastrophe before anything gets done.