The world of cyber security has seen a number of ups and downs this year, including high profile data breaches from the likes of Sony and UCLA Health and Office of Personnel Management (OPM) – with a total of 30 million records compromised. Such events have given our industry many things to learn from and think about as we move forward. With IDM 2015 fast approaching, the industry will now be taking stock of how far we’ve come since last year’s event and important lessons we’ve learned on the way. So, where does the market stand 12 months on?
Each year the top trends in cyber security are identified, and each year we should review these in order to prevent history from repeating itself. Moving forward, it is essential for businesses to combine security methods, and although internal breaches are a difficult weakness to overcome, there are measures businesses can take to further reduce the risk.
Back in January, five clear trends were labelled as the ones to watch in terms of security for 2015. These were; security of passwords, internal breaches, ransomware, the rise of the internet of things andculture in the workplace, and Cyber Warfare. So looking back, have these panned out the way we predicted at the start of the year?
Recent high profile hacks, along with the thousands of others we don’t hear about, have proved that passwords and other credentials are more valuable to hackers than ever. From what we’ve already seen this year, the future of password security lies with the implementation of multifactor authentication. Apple has already paved the way with their two-factor authentication, using a thumb print and password for personal and banking applications. The next step with surely be for security teams to implement multifactor authentication to protect the access of a company’s sensitive data, including biometrics.
Personal grievances are still making headlines
Although internal breaches have been described as inevitable, certain business habits can add to the risk. According to the Verizon 2015 Data Breach Investigations Report, 55 percent of all insider breaches in the last 12 months were highlighted as privilege abuse; or in other words, an employee or outsider taking advantage of assigned access privileges. Despite the industry’s best efforts, it would seem employee grievances are still making the biggest headlines.
Last year, the attention was on Morrisons and a severely disgruntled employee, who thought nothing about leaking data associated with over 100,000 supermarket staff. However, the issue hasn’t gone away. One year on, we’re reading about moral hacktivism at Ashley Madison and its potential to destroy a business. Once again, it would seem that someone close to the company, likely a contractor, was instrumental in a data breach affecting up to 37 million users globally. With this in mind and noting businesses’ increased use of outsourcing, influx of temporary workers and other forms of non-employee access, real-time monitoring will be more important than ever.
Written by Nick Kennelly, Account Manager, EMEA, Courion