Every year, it seems, the threats posed by cybercriminals evolve into new and more dangerous forms while security organizations struggle to keep up.
As 2015 draws to a close, we can expect the size, severity and complexity of cyber threats to continue increasing in 2016, says Steve Durbin, managing director the Information Security Forum (ISF), a nonprofit association that assesses security and risk management issues on behalf of its members.
"For me, 2016 is probably the year of cyber risk," Durbin says. "I say that because increasingly I think we are seeing a raised level awareness about the fact that operating in cyber brings about its own peculiarities."
Durbin says the ISF sees five security trends that will dominate 2016.
"As we move into 2016, attacks will continue to become more innovative and sophisticated," Durbin says. "Unfortunately, while organizations are developing new security mechanisms, cybercriminals are cultivating new techniques to evade them. In the drive to become more cyber resilient, organizations need to extend their risk management focus from pure information confidentiality, integrity and availability to include risks such as those to reputation and customer channels, and recognize the unintended consequences from activity in cyberspace. By preparing for the unknown, organizations will have the flexibility to withstand unexpected, high impact security events."
Durbin says the threats identified by the ISF are not mutually exclusive. They can combine to create even greater threat profiles. He adds that we should expect new threats to emerge over the course of the next year.