Photos: Top 10 cybersecurity issues to watch in 2016
Image 1 of 7
2: Governments will step up their demands for information from companies.
The now defunct US-EU Safe Harbor agreement is alreadyrncreating fallout. According to EU Business,rn”Ireland’s High Court ordered the Irish Data Protection Commissioner tornexamine whether to suspend the transfer of Facebook users’ data from Europe tornthe United States.”
Governments demanding companies to turn over sensitive informationrnwill continue, resulting in organizations not knowing whom to trust and whatrnregulations they may be violating.
Also see: Cloud vendors seek refuge in Germany to comply with EU data laws
3: Countries will take steps to control the internet within their borders.
With trust falling to the wayside, experts suggest that each countryrnwill try to control the internet within its borders. Managing director ofrnDiscern Analytics and consulting associate professor at Stanford, Paul Saffo writes, “Thernpressures to balkanize the global internet will continue and create newrnuncertainties. Governments will become more skilled at blocking access tornunwelcome sites.”
5: Mobile apps will become the target of choice.
Mobile apps are becoming the target of choice; the Ponemon Institute decided to look at why. “Among the more than 400 organizations studied — nearly 40 percent of which were Fortune 500 companies — almost 40 percent of them aren’t scanning the code in their apps for security vulnerabilities, leaving the door wide open to the potential hacking of sensitive user, corporate, and customer data,” mentions Dr. Larry Ponemon. “The average organization tests fewer than half of the mobile apps it builds, and 33 percent of the surveyed companies never test their apps.”
This is not expected to change anytime soon.
Also see: 3 security challenges when deploying mobile apps
6: Encryption is not and will not be a deterrent.
During the past several months, government law enforcement agenciesrnhave been demanding that backdoors be added to encryption software. As can bernexpected, security pundits fought back, and it appears they have won. However,rnthere are those who aren’t so sure — maybe this is all a smoke screen.
Andy Greenberg in his WIRED article Cops Don’t Need a Crypto Backdoor to Get Into Your iPhone interviews several security experts, asking if backdoors are evenrnneeded. “In spite of the big words the FBI has used over the last year,rnthe situation isn’t quite as dire as they make it out to be,” ChrisrnSoghoian, principal technologist for the ACLU tells Greenberg. “The kindrnof encryption tech companies are giving us is geared towards protecting us fromrna thief stealing our laptop. It’s not designed to keep out a government agentrntrying to get your data with or without a court order.”
Also see: Encryption:You can’t put the genie back in the bottle
7: Lax IoT security will become apparent.
The IoT device onslaught is coming, however, not this year. “Werndo not expect attacks on the IoT to become widespread yet. Most attacks arernlikely to be ‘whitehat’ hacks to report vulnerabilities and proof of conceptrnexploits,” Michael Fimin writes in this Netwrix Community column.
That will not be the case in 2016, especially if the bad guys readrnarticles like John Dixon’s Who Will Step Up To Secure The Internet Of Things?
“Ifrntoday’s titans of technology won’t step up to secure the IoT, that endeavor mayrnfall to the multitude of startup companies that are fueling much of thernindustry’s current growth,” mentions Dixon. “Gartner estimates byrn2017, more than half of all IoT products and services will be developed byrncompanies less than three years old. Moreover, while some of these newcomersrnare likely to have formidable technical expertise, many will lack the know-howrnor capability to implement the tight security that is needed.”
Also see: The IoT security challenge: Can Information Xchange fill the gap?
8: More "qualified" security professionals will be needed.
When it comes to security, the best defenders are ironically the bestrnattackers, and right now there is a dire lack of qualified defenders. However,rnthere is a more immediate problem. According to ISF Global Vice President Steve Durbin, there are not enough qualified security professionals to go around.rnThis will not improve in 2016, with both businesses and government agenciesrnfighting over those indeed who have the right qualifications.
Also see: Photos: 10 of the best places to study cybersecurity
9: Security is less important to the newer generations.
The trend from one generation to the next is to view security andrnprivacy in a way that scares the daylights out of the previous generation. Forrnexample, according to Ben Rossi a Ricohrnstudy finds that 30% of Generation Z will be frustrated by the lack of informationrnsharing and company pushback on BYOD. Everyone is looking for a happy medium,rnbut will not find it in 2016.
Also see: Security and privacy: New challenges (ZDNet/TechRepublic special feature)
-
Account Information
Contact Michael Kassner
- |
- See all of Michael's content