The now-defunct US-EU Safe Harbor agreement is already creating fallout. According to EU Business, “Ireland’s High Court ordered the Irish Data Protection Commissioner to examine whether to suspend the transfer of Facebook users’ data from Europe to the United States.”
Governments will continue to demand that companies turn over sensitive information, leaving organizations unsure whom to trust and which regulations they may be violating.
With trust falling by the wayside, experts suggest that each country will try to control the internet within its borders. Paul Saffo, managing director of Discern Analytics and consulting associate professor at Stanford, writes, “The pressures to balkanize the global internet will continue and create new uncertainties. Governments will become more skilled at blocking access to unwelcome sites.”
Mobile apps are becoming the target of choice; the Ponemon Institute decided to look at why. “Among the more than 400 organizations studied — nearly 40 percent of which were Fortune 500 companies — almost 40 percent of them aren’t scanning the code in their apps for security vulnerabilities, leaving the door wide open to the potential hacking of sensitive user, corporate, and customer data,” mentions Dr. Larry Ponemon. “The average organization tests fewer than half of the mobile apps it builds, and 33 percent of the surveyed companies never test their apps.”
This is not expected to change anytime soon.
During the past several months, government law enforcement agencies have been demanding that backdoors be added to encryption software. As can be expected, security pundits fought back, and it appears they have won. However, there are those who aren’t so sure — maybe this is all a smoke screen.
Andy Greenberg, in his WIRED article “Cops Don’t Need a Crypto Backdoor to Get Into Your iPhone,” interviews several security experts, asking if backdoors are even needed. “In spite of the big words the FBI has used over the last year, the situation isn’t quite as dire as they make it out to be,” Chris Soghoian, principal technologist for the ACLU, tells Greenberg. “The kind of encryption tech companies are giving us is geared towards protecting us from a thief stealing our laptop. It’s not designed to keep out a government agent trying to get your data with or without a court order.”
The IoT device onslaught is coming, but not this year. “We do not expect attacks on the IoT to become widespread yet. Most attacks are likely to be ‘whitehat’ hacks to report vulnerabilities and proof of concept exploits,” Michael Fimin writes in this Netwrix Community column.
That will not be the case in 2016, especially if the bad guys read articles like John Dixon’s “Who Will Step Up To Secure The Internet Of Things?”
“If today’s titans of technology won’t step up to secure the IoT, that endeavor may fall to the multitude of startup companies that are fueling much of the industry’s current growth,” mentions Dixon. “Gartner estimates by 2017, more than half of all IoT products and services will be developed by companies less than three years old. Moreover, while some of these newcomers are likely to have formidable technical expertise, many will lack the know-how or capability to implement the tight security that is needed.”
When it comes to security, the best defenders are, ironically, the best attackers, and right now there is a dire lack of qualified defenders. However, there is a more immediate problem. According to ISF Global Vice President Steve Durbin, there are not enough qualified security professionals to go around. This will not improve in 2016, with both businesses and government agencies fighting over those who do have the right qualifications.
The trend from one generation to the next is to view security and privacy in a way that scares the daylights out of the previous generation. For example, according to Ben Rossi, a Ricoh study finds that 30% of Generation Z will be frustrated by the lack of information sharing and company pushback on BYOD. Everyone is looking for a happy medium, but will not find it in 2016.