Security concerns will dampen cloud enthusiasm in 2015: WatchGuard

Ongoing concerns about the security of cloud-hosted data will drive many companies to put their cloud initiatives on the back burner in 2015, security firm WatchGuard has predicted as it singles out the most and least concerning security trends for the new year.

“As security professionals we spend a lot of our time looking for trouble and expecting the worst,” director of security strategy and research Corey Nachreiner said in a statement.

“In 2014, there were lots of vulnerabilities and threats to be found such as Heartbleed, Regin and Operation Cleaver. With so much noise in the market, we wanted to help security professionals focus in on what matters most.”

Contrary to widespread suggestions, the explosion in the Internet of Things (IoT) environment will not bring a “rise of machines”, Nachreiner said.

“Today's cyber criminals typically don't hack just for the heck of it. They need motive. There's not much value to having control of your watch or TV at this point, so we won't see hackers targeting them directly.”

WatchGuard's security team was equally dismissive about claims that passwords will die any time soon – rather that two-factor authentication will become ubiquitous online and passwords will continue as one of those two factors – and that software defined networking (SDN) posed a security threat.

Yet when it comes to cloud, Nachreiner offered warnings that 2015 may see a levelling off in the trend's “stratospheric climb” as ongoing data leaks make organisations more concerned with where they put sensitive information.

“This doesn't mean businesses will stop using the cloud where it makes sense,” Nachreiner said. “It just proves we can't put everything in the cloud.”

Also likely to affect decision-making is the persistent truth that innovation will continue to trump the discipline of secure design and development.

This ongoing issue, Nachreiner warns, “means security will continue to take a back seat to innovation, and that security professionals will have the tough job of weighing the operational benefits of new technologies against their potential security risks.”

Several other trends were more likely to pose dramatic threats against organisations in 2015, however. These, in WatchGuard's estimation, include continuing growth in cyber-espionage incidents and a shift in public perception about ongoing nation-state volleys in what WatchGuard calls “an already-occurring cyber cold war”.

Malware is expected to continue its rise, jumping from desktop to mobile devices and becoming increasingly problematic and confronting as attackers figure out new ways to monetise infections through customised mobile ransomware.

WatchGuard also predicts that business verticals will become as appealing to cyber-criminals as individual companies are now, increasing the pressure on companies of all sizes to improve their security. Unsurprisingly, this and other security trends – including the growth in government snooping – are expected to see a surge in the use and advocacy for data encryption.

“Security pros must continue to leverage encryption wherever possible,” Nachreiner says, as well as “fight for the right to retain private, unbreakable encryption; and to build networks that support heavy use of encryption without slowing bandwidth and adversely affecting business.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt @simplenomad Register today

Join the CSO newsletter!

Error: Please check your email address.

Tags cyber criminalswatchguardInternet of Things (IoT)Regincyber-espionageHeartbleedmobile ransomwareCSO AustraliaCorey NachreinerEnex TestLabcloud enthusiasm

More about CSOEnex TestLab

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place