OXFORD, UNITED KINGDOM — (Marketwired) — 12/12/14 — Sophos today released the report that exposes the biggest security risks on the horizon and explains the real-world impact of evolving cyber threats on businesses and consumers in the New Year. After a year of big data breaches like Home Depot and Sony, it–s easy to predict that cyber security will be a hot topic in 2015.
The highlights the following 10 areas Sophos experts believe will have the biggest impact on security in 2015 and beyond:
Cybercriminals have for years feasted on Microsoft Windows. Fortunately, Microsoft has invested in exploit mitigations, which makes writing attack code more difficult. As the difficulty of exploitation increases, some attackers are moving back to social engineering, and we also see attackers focusing on non-Microsoft platforms.
In 2014 we–ve seen more evidence that manufacturers of Internet of Things (IoT) devices have failed to implement basic security standards, so attacks on these devices are likely to have nasty real world impact. The security industry needs to evolve to deal with these devices.
With growing awareness of security and privacy concerns due to revelations of intelligence agency spying and newsworthy data breaches, encryption is becoming more important than ever, though not without controversy. Certain organizations like law enforcement and intelligence agencies are unhappy about the prospect of pervasive encryption under the belief that it may adversely impact safety.
From Heartbleed to Shellshock, it became evident that there are significant pieces of insecure code used in a large number of our computer systems today. The events of 2014 have boosted the cybercriminals– interest in typically less-considered software and systems — so businesses should be preparing a response strategy.
The law moves slowly compared to the technology and security fields, but massive regulatory changes that have been a long time coming are nearly here. It is likely these changes will trigger consideration of more progressive data protection regulation in other jurisdictions.
Mobile payment systems were the talk of 2014 after Apple stormed ahead with Apple Pay. Cybercriminals will be looking for flaws in these systems, but the present designs have several positive security features. Expect cybercriminals to continue abusing traditional credit and debit cards for a significant period of time as they are the easier target for now.
As technology becomes more integrated in our daily lives and a supporting pillar of the global economy, the cybersecurity skills shortage is becoming more critical and broadly recognized by governments and industry. This gap is growing larger with some governments forecasting a widening gap through the year 2030 given the present scarcity of qualified IT security professionals.
The last few years of cybercrime have been hallmarked by the rise of products and services to make hacking and exploitation point-and-click easy. With mobile platforms being so popular (and increasingly holding juicy data) we will see more crime packs and tools focusing on these devices explicitly. We may also see this trend come to fruition for other platforms in the IoT space as these devices proliferate around us.
Industrial Control Systems (ICS) are typically 10 years or more behind the mainstream in terms of security. Over the next couple of years we anticipate more serious flaws exposed and used by attackers as opportunities vacillate between state-sponsored attacks and financially motivated ones. In short, it is an area of significant risk.
The technology industry is in the process of changing major platforms and protocols from those that we have relied on for some time, and these lower level changes will expose interesting flaws that cybercriminals may be able to capitalize on. This mass of major changes away from old guard technology standards could re-open old wounds and reveal major new security flaw categories.
More than 100 million users in 150 countries rely on Sophos– complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos– award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs – a global network of threat intelligence centers.
Sophos is headquartered in Oxford, UK. More information is available at .
CONTACT:
Marty Ward
Sophos
(650) 868-4844
Mike Bradshaw
Connect Marketing
(801) 373-7888
You must be logged in to post a comment Login