Security predictions for 2014
2013 has been a very interesting year in information security. We anticipate that 2014 will be even more exciting, not necessarily a good thing! Here are our predictions for 2014:
The volume of malware will continue to increase, targeted at multiple platforms (especially mobile – see below) potentially hidden in utilities and games on all platforms fixed and mobile. Mobile devices will be used as a platform to attack Enterprise especially Cloud data.
Data encryption and destruction Malware like CryptoLocker will become more and more of a headache for Enterprise and individual users. Stay vigilant, keep backups, stay patched, keep A/V up to date, restrict local administrative rights.
Windows XP shuffles off
The death of Windows XP presents an opportunity to restrict local administrative rights using windows 7 or 8.1. Unfortunately the end of support for XP coupled with Java version 6 will present rich pickings for the bad guys if they are not upgraded.
Enterprise Private Clouds will grow quickly
The Enterprise is worried about Government snooping (and why wouldn’t they be?) and most security analysts are predicting that attackers are becoming more interested in cloud data (see CryptoLocker). Cloud security will be an industry front line, not to mention nauseating buzz phrase.
Behavioural based anomaly detection
The grip of correlation based analysis (Arcsight,Q1Labs etc.) on Enterprise security management will be either threatened or enhanced (depending on your perspective) by the growth in anomaly based detection. Watch out for what Cisco plan for Sourcefire 3D in the coming year. We are very interested in Cisco’s security technology integration with Sourcefire and the X series firewalls. Will Cisco MARS rise from the ashes as Cisco Jupiter, Saturn or possibly Uranus?
Social networks will be used to socially engineer employees and compromise the enterprise. User training and awareness programmes will become an increasingly important piece of the defences.
Increasing levels of security for mobile devices will be provided by the device manufacturers (for example the Samsung Knox security suite). This technology from the boots up will provide essential device protection and will blur the boundaries between what is provided by the manufacturer and what is provided by Mobile Device Management vendors, although there is no suggestion that vendor tech will replace MDM. Securing the mobile device will be a big deal in 2014.
ITC will continue to develop our product and NetSure360 service portfolio in line with industry trends and customer requirements and will continue to debate current issues on this blog in 2014.
Thanks for reading and Happy New Year