Follow on Google News News By Tag Industry News News By Place Country(s) Industry News
Follow on Google News | Information Security Forum Identifies Top Six Security Threats for 2014Cyber Security, Reputational Damage, Data Security in the Cloud and Mobile Devices in the Workplace Trends Top List of Key Threats to Businesses
By: Information Security Forum “As we move into 2014, attacks will continue to become more innovative and sophisticated. Unfortunately, while organizations are developing new security mechanisms, cybercriminals are cultivating new techniques to circumvent them,” said Steve Durbin, Global Vice President of the ISF. “Businesses of all sizes must prepare for the unknown so they have the flexibility to withstand unexpected, high impact security events.” The top six threats identified by the ISF are not mutually exclusive and can combine to create even greater threat profiles. They are most certainly not the only threats that will emerge over the course of the next twelve months. The most prevalent threats include: BYO Trends in the Workplace As the trend of employees bringing mobile devices in the workplace grows, businesses of all sizes continue to see information security risks being exploited. These risks stem from both internal and external threats including mismanagement of the device itself, external manipulation of software vulnerabilities and the deployment of poorly tested, unreliable business applications. If the Bring Your Own Device (BYOD) risks are too high for your organization today, stay abreast of developments. If the risks are acceptable, ensure your BYOD program is in place and well structured. Keep in mind that if implemented poorly, a personal device strategy in the workplace could face accidental disclosures due to loss of boundary between work and personal data and more business information being held in unprotected manner on consumer devices. Data Privacy in the Cloud While the cost and efficiency benefits of cloud computing services are clear, organizations cannot afford to delay getting to grips with their information security implications. In moving their sensitive data to the cloud, all organizations must know whether the information they are holding about an individual is Personally Identifiable Information (PII) and therefore needs adequate protection. Different countries’ regulations impose different requirements on whether PII can be transferred across borders. Some have no additional requirements; Reputational Damage Attackers have become more organized, attacks have become more sophisticated, and all threats are more dangerous, and pose more risks, to an organizations reputation. With the speed and complexity of the threat landscape changing on a daily basis, all too often we’re seeing businesses being left behind, sometimes in the wake of reputational and financial damage. Organizations need to ensure they are fully prepared and engaged to deal with these ever-emerging challenges. Privacy and Regulation Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of PII, with penalties for organizations who fail to sufficiently protect it. As a result, organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions and commercial impacts such as reputational damage and loss of customers due to privacy breaches. Furthermore, we are seeing increasing plans for regulation around the collection, storage and use of information along with severe penalties for loss of data and breach notification particularly across the European Union. Expect this to continue and develop further imposing an overhead in regulatory management above and beyond the security function and necessarily including legal, HR and Board level input. Cybercrime Cyberspace is an increasingly attractive hunting ground for criminals, activists and terrorists motivated to make money, get noticed, cause disruption or even bring down corporations and governments through online attacks. Organizations must be prepared for the unpredictable so they have the resilience to withstand unforeseen, high impact events. Cybercrime, along with the increase in online causes (hacktivism) The Internet of Things Organizations’ “By adopting a realistic, broad-based, collaborative approach to cyber security and resilience, government departments, regulators, senior business managers and information security professionals will be better able to understand the true nature of cyber threats and respond quickly, and appropriately,” Please register via this link (https://www.brighttalk.com/ The ISF Threat Horizon series of reports (https://www.securityforum.org/ End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|