Even as major companies and governments find themselves cyber-attacked on a regular basis, the evolution of cyber-security has continued at a breakneck pace. What will 2016 bring in terms of infrastructure defense?
According to Larry Ponemon of the Ponemon Institute, which researches privacy and security, protecting the cloud and Web-connected hardware against cyber-attack is a critical focus of software firms. Modifying security for different environments—whether mobile, cloud, or local—often requires complex changes in software’s underlying algorithms, lest a vulnerability be created. But that complexity, Ponemon suggested, means that “security often becomes an afterthought.”
Other areas that Ponemon identified as important over the next year:
According to Ponemon, the scourge of identity theft is only getting worse. As a result, creating failsafe identity concepts will be a huge opportunity in the marketplace; a “layer” of additional protection over our digital identities is essential. Innovation in this area includes creating interoperable identity credentials to access online services. (The National Strategy for Trusted Identities in Cyberspace is one of many initiatives helping to make secure identities a reality.)
IOT (Internet of Things)
Ponemon also suggested that developers pay too much attention to features, and not enough on protecting against attackers: “Security and functionality should go hand in hand and warrant equal consideration within development paradigms.” Developers need to ask whether their applications can survive an attack—and back up their beliefs with rigorous penetration testing (and other forms of ethical hacking). This is especially important in the growing field of the Internet of Things, where applications can influence everything from industrial processes to airplane engines.
Rise of the “Super Bad Guys”
Throughout 2016, renegades around the world will continue to use more sophisticated encryption to plan and create large-scale, sophisticated attacks. What’s the best way to counter this growing cyber-war? Ponemon believes the “best methods will have to employ both a sophisticated defense as well as an offense.” Law enforcement will need to become more sophisticated at picking up traces of attackers who’ve infiltrated vital systems; and companies will need to follow best security practices if they want to truly stay safe.
Defending against sophisticated attacks is further complicated by the following factors:
- Inability to hire and retain expert staff
- Lack of actionable and timely intelligence
- Employee-related risks might not be reduced
- A lack of funding to invest in people and technologies
- Absence of necessary technologies to blunt cyber-threats
Company executives outside of the IT silo will need to take a more active hand in facing down security threats, especially when it comes to securing funding. System administrators and other tech pros should also stay abreast of the security industry’s latest innovations. With enough security awareness, tech firms can build applications and systems that not only provide great functionality, but are also locked down enough to prevent intrusion.