January 28, 2016

Is Your Organization Ready? Cyber Security Trends in 2016

‘Cyber security’ is in the news, and it’s not just because there’s been yet another data breach (although that’s always a concern).  

First of all, January 28 is Data Privacy Day (DPD), a global initiative to create awareness about the importance of privacy and protecting personal information – and cyber security is a big part of that.

Second, with presidential candidates on the campaign trail in the U.S., there’s no doubt cyber security policy will be a topic of discussion for the entire year.

Of course, the third reason it’s in the news is that we live in a globally connected world, and cyber security requires constant attention and updating.  

Here’s what cyber security trends industry experts have forecast in 2016.

It's Personal: Using social engineering and spear phishing, criminals pick one company, then one unsuspecting individual within that company to prey on,” explained Patrick Peterson of security firm Agari in an online story. “Using information on that person, gleaned through sites they’ve visited or data the hacker has purchased, the bad actors will convince the good ones to unknowingly betray themselves and ultimately the organizations for which they work.”

Not Just about Money: Experts forecast more message-driven cyber attacks as well as new targets such as large energy facilities. Also, it may be more about attacking a target and destroying data than there being financial gain.

More Professionals: Cyber security professionals have been in short supply for a while. But forecasters suggest that the industry may finally turn a corner in 2016 with an increase in training programs in this area.

Apps: Apps are still a huge target. “An attack entry point via an app on a mobile device may well be able to access a whole company network,” one industry expert said in an inc.com story.

Internet of Things: As more and more consumer products (for example, fridges, cars, televisions, smart watches, webcams, medical devices) connect to the Internet, cyber thieves find ways to exploit them. These products may be a stepping stone to corporate networks.  

Smaller Targets: Large organizations generally have budgets to address cyber security needs. Small and medium size businesses do not and will be increasingly targeted. The Security Tracker 5.0 from Shred-it reported that only 35% of small business owners have a cyber security policy.   

Smartphones: As purchases on mobile devices become the norm, these devices become bigger targets for identity thieves. Javelin predicted that Card-Not-Present fraud will grow from $10 billion in 2014 to more than $19 billion in 2018.

Data Security Trends: It’s important to remember that data breaches occur for a variety of reasons. Insiders might inadvertently toss a file into a recycling bin or send one over an unprotected network. “A commitment to data protection isn’t about cyber security or physical security in isolation,” stated the 2015 State of the Industry report from Shred-it. “It’s about crafting comprehensive policies that are aimed at protecting sensitive data in all forms, from collection through storage and into destruction.”

How current are your data security best practices? A comprehensive policy protects individual employees and the organization itself.