When it comes to information security trends in 2014, to say that the threat landscape will be interesting would be a huge understatement.
Protecting the enterprise — including the network application layer — will continue to be a challenge for today’s technology decision makers and network managers, according to industry experts.
As Ross Barrett and Ryan Poppa of security consulting firm Rapid7 outlined at the SecTor event in Toronto a few months ago, 2014 is the year where malware, monitoring and intrusion threats continue to grow in scope.
A year of increased government monitoring?
From a big-picture perspective, the issue of major governments being involved in what Barrett termed offensive operations (such as surveillance via monitoring, intrusions and malware vulnerabilities) is growing in scope.
“We’re seeing a lot of intelligence gathering that doesn’t necessarily connect to a visible operation…big governments engaged in highly sophisticated data collection attacks,” said Barrett. This often involves “cutting edge” malware in targeted uses including anti-government and economic espionage. Think commercial malware and toolkits in use by oppressive regimes — FinFisher, FLAME, GAUSS and Red October.
It’s heady stuff, but what does this mean for the average enterprise?
“It’s getting harder and harder to see who’s doing what,” says Barrett, meaning that it’s ever more vital for organizations to place a strong priority on enterprise security and data protection.
A big year for big data
Speaking of information, the concept of big data will continue to be big in the coming year, notes Poppa. Big Data will be the security issue of the year, particularly as organizations push for central data collection: “Organizations are trying to collect more and more data about everything — how can I take the data that I have, collect it and perform analytics on it?”
But the challenge with big data, he notes, is that analyzing large volumes of information effectively is hard for businesses. This is especially true when many industry tools don’t place a high enough emphasis on security, meaning that these datasets can represent juicy targets for attackers. Exploit kits are getting smarter at collecting statistical data, so much so that even a one per cent exposure rate is worth exploiting for attackers, Poppa noted. Technology decision makers, therefore, should look at big data vendor solutions that protect the data as well as collect it. This includes looking at solutions that emphasize encryption and authentication support, ensuring that services aren’t exposed to the Internet.
That said, Poppa predicts that big data will continue to be confused with security analysis, organizations will continue to overinvest in data analysis, and a major analytics provider will be potentially breached in 2014.
The Internet of Things: Still a thing
The much talked-about concept of the Internet of Things — where more devices and appliances are embedded with sensors and able to communicate — will continue to emerge in 2014. That said, these devices will become increasingly compromised in 2014, noted Barrett. With limited mitigations and logging, backdoors and reverse engineering of binaries will be increasingly common.
These Internet-connected tools often have no security whatsoever, said Barrett, adding that in 2014 botnets will continue to thrive on embedded systems, particularly as device exploits become more common.
2014 in the cloud
As organizations continue to invest in the cloud and SaaS in 2014, IT managers will need to ensure that they can easily identify where the data is being stored. This is particularly true when considering access control and auditing processes, notes Poppa.
“The challenges are that access control and auditing is fragmented — who controls access, where are the logs stored, how are you ensuring that the right people have access to the right things,” said Poppa, adding that it’s important that the IT department doesn’t become powerless in the process of moving and managing data to the cloud servers.
Who accesses what and where the data is actually stored are the questions that businesses should be asking their cloud vendor, Poppa added. And with this in mind, it’s important to ensure in 2014 that authentication lapses don’t lead to data loss. That said, this year should see more consolidation among cloud vendors on security standards and providers will look to adopt a more proactive role in securing customer data, Poppa predicts.