Ongoing concerns about the security of cloud-hosted data will drive many companies to put their cloud initiatives on the back burner in 2015, security firm WatchGuard has predicted as it singles out the most and least concerning security trends for the new year.
“As security professionals we spend a lot of our time looking for trouble and expecting the worst,” director of security strategy and research Corey Nachreiner said in a statement.
“In 2014, there were lots of vulnerabilities and threats to be found such as Heartbleed, Regin and Operation Cleaver. With so much noise in the market, we wanted to help security professionals focus in on what matters most.”
Contrary to widespread suggestions, the explosion in the Internet of Things (IoT) environment will not bring a “rise of machines”, Nachreiner said.
“Today's cyber criminals typically don't hack just for the heck of it. They need motive. There's not much value to having control of your watch or TV at this point, so we won't see hackers targeting them directly.”
WatchGuard's security team was equally dismissive about claims that passwords will die any time soon – rather that two-factor authentication will become ubiquitous online and passwords will continue as one of those two factors – and that software defined networking (SDN) posed a security threat.
Yet when it comes to cloud, Nachreiner offered warnings that 2015 may see a levelling off in the trend's “stratospheric climb” as ongoing data leaks make organisations more concerned with where they put sensitive information.
“This doesn't mean businesses will stop using the cloud where it makes sense,” Nachreiner said. “It just proves we can't put everything in the cloud.”
Also likely to affect decision-making is the persistent truth that innovation will continue to trump the discipline of secure design and development.
This ongoing issue, Nachreiner warns, “means security will continue to take a back seat to innovation, and that security professionals will have the tough job of weighing the operational benefits of new technologies against their potential security risks.”
Several other trends were more likely to pose dramatic threats against organisations in 2015, however. These, in WatchGuard's estimation, include continuing growth in cyber-espionage incidents and a shift in public perception about ongoing nation-state volleys in what WatchGuard calls “an already-occurring cyber cold war”.
Malware is expected to continue its rise, jumping from desktop to mobile devices and becoming increasingly problematic and confronting as attackers figure out new ways to monetise infections through customised mobile ransomware.
WatchGuard also predicts that business verticals will become as appealing to cyber-criminals as individual companies are now, increasing the pressure on companies of all sizes to improve their security. Unsurprisingly, this and other security trends – including the growth in government snooping – are expected to see a surge in the use and advocacy for data encryption.
“Security pros must continue to leverage encryption wherever possible,” Nachreiner says, as well as “fight for the right to retain private, unbreakable encryption; and to build networks that support heavy use of encryption without slowing bandwidth and adversely affecting business.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.