“Those who fail to learn from history are doomed to repeat it.”
Those unfamiliar with cybersecurity imagine the job is all about having the best technology; while technology is important, IT professionals know that technology is nothing without skilled employees. To truly protect themselves and stay ahead of cyber criminals, companies need IT professionals who can lead, teach, communicate and learn from the past.
Cybersecurity trends to watch
Breaches are a PR issue
It is bittersweet, but the devastating effects of the Sony hack are going to have a big impact on the C-suite in 2015. Leadership is realizing that a data breach is not just an internal problem; it is a massive PR problem with consequences that can affect the company for years to come.
PR issues are a major concern to stakeholders, thus stakeholders are going to have an increased concern in cybersecurity in 2015. In fact, the US State of Cybercrime Survey found that 59% of respondents were more concerned about cybersecurity threats this year than in the past. More concern is going to translate to more meetings with leadership. Check out our WebTracks webinar on communicating with leadership to learn how to make these meetings work in your favor.
Whether employees intentionally leak data or are unaware of their security mistakes, internal threats will continue to be a serious concern in 2015. In a 2014 survey by SolarWinds, 53% of DOD respondents cited careless/untrained insiders as a source of security threats. That is more than foreign governments, terrorists and the general hacking community. Malicious insiders were cited by 26% of respondents.
We are going to see an increased investment in employee security training this year because those careless/untrained insiders that the DOD and IT professionals worry about can become less of a threat with training; more importantly, it is cost effective to train them. The Global State of Information Security Survey 2014 found that 76% less is spent on security events when employees are trained.
Businesses are learning the importance of not putting all their eggs in one basket – or, more literally, not putting all their data on one cloud platform. Employees demand the convenience of cloud computing, but public platforms just don’t provide enough security to hold 100% of a company’s data. In 2015, businesses’ cloud strategies – and general security strategies – are going to incorporate data segmentation.
Let’s not repeat “The Year Of The Mega Breach.” Let’s learn from last year’s mistakes and trends and incorporate the lessons learned into our security strategy for 2015.