As the IT industry continues to expand successfully, negative effects also come along with the various improvements in technology, creating avenues for cyber threats and crimes. In WebsenseInc’s 2014 Security Predictions Report, the company determined key threats that organizations should observe including the increased volume of malware, data destruction, and cloud data predators. Meanwhile, a different set of data from Verizon’s 2013 Data Breach Investigation Report (DBIR) revealed that speed and sophistication are the themes of these attacks, and it seems that they will still be prevalent for this year. As the company noted, “understanding the sophistication of the attackers and their tactics will help you to adopt a smarter approach to protecting your business”.
Source:http://www.cnmeonline.com/
To get you on the right track this year, here are some of the threats that you need to be aware of.
1. “Bring your own cloud”Cloud services resulted from the convergence of cloud computing and mobile devices, allows you to store and retrieve information efficiently. However, the fact that it’s accessible to all may incur some security risks from corporate perimeters. According to Prescient Solutions CIO Jerry Irvine, security dangers come from mobile devices used in the office and connected to public Wi-Fis, creating a path for data breach. Some IT experts regarded this as a “vector.” Dell’s Paul Christman said that technology to protect private information is not yet mature, making data security through cloud services an enterprise dilemma.
2. Unpatched Java softwareIf your firm is tapping into Java, you will notice how often it asks to be updated. This is a potential drawback, especially for organizations whose IT departments only push out patches on a regimented schedule. This may paralyze all your operations, especially because there are tools thatrequire a Java script. Using outdated services leaves you vulnerable against unpatched security flaws, so it’s important to update and tailor them to accommodate third-party solutions. Although it might require larger sum of money, it’s relatively cheaper compared to the cost of risk for not updating it.
3. BYOD in the organizationWhether personal or company-owned, the abundance of mobiledevices has led to the trend of Bring Your Own Device (BYOD), which may incur risks in information security. According to Computer Weekly, these may stem from three principal internal and external factors:· Mismanagement of the devices employed· Utilization of low-quality business applications·External manipulation of softwareAn implemented BYOD scheme in the workplace may face risks such as accidental disclosures, emanating from the loss of boundary between personal and work data. Thus,it’s important to ensure that your BYOD scheme is well-constructed and observes a unified set of rules.
4. Social networking attacksAccording to Issie Lapowsky of INC.com, both public and private establishments are poised to “leverage” their social platforms, in a bid to launch attacks against their competitors. There will be a surge in social media attacks, employing the mechanism of hacking of a person’s authentication credentials by changing their passwords. Also, modern-day hackers are using the phishing method, wherein they lure social media users into a fake login page, only to gather identification details.
5. New modes of mobile paymentAccording to McAfee, the emergence of new modes of mobile payment welcomes new opportunities to create ransomware, a type of malicious software requiring to pay before accessing a computer system. Devices capable of near field communication (NFC) can be hijacked by skimming through mobile credit card information. Fortunately, mobile platforms come to your rescue. For example, Android makes it impossible for SMS-sending malware to access credit card information and steal money without the owner’s knowledge by sending out notifications when a message is about to be sent.
From the ideas we’ve mentioned, it’s clear that the major threats for 2014 all boils down tosecurity. While this is the case, software developers and vendors must not view the issue of security as an afterthought. Instead, they must take part in building security features among their applications.
This article was written and submitted by Reese Jones.
About the Guest authorReese Jones is a mobile tech pundit of Techie Doodlers. As a writer, she enriches her knowledge with the latest trends and developments in the business sector, corporate parameter, and in the IT industry. You can reach her on Google+ and on Twitter.