Submitted by s.parker on January 26, 2016
As organisations are developing new security mechanisms, cybercriminals are cultivating new techniques to evade them. In the drive to become more cyber resilient, organisations need to extend their risk management focus from pure information confidentiality, integrity and availability to include risks such as those to reputation and customer channels, and recognise the unintended consequences from activity in cyberspace.
Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association that assesses security and risk management issues on behalf of its members, shares his 5 information security trends to watch out for in 2016:
#1. The unintended consequences of state intervention
Organisations will have to understand what governments are able to ask for and be open about that with partners. Legislators will always be playing catch-up, but they need to raise their game. They'll always be talking about yesterday, and cyber is about talking about tomorrow.
#2. Big data will lead to big problems
Key issues are people stealing information and manipulating it in ways that we can't see. Make sure there are no back doors in the code. Question assumptions and make sure the information is actually what it says it is; understand data provenance. Sharing data means opening yourself up - how is the information being used, who is it being shared with, who's adding to it and how is it being manipulated?
#3. Mobile applications and the IoT
Organisations should be prepared to embrace the increasingly complex IoT and understand what it means for them, especially in terms of cyber risks.
#4. Cybercrime causes the perfect threat storm
Cybercrime topped the list of threats in 2015, and it's not going away in 2016. Organisations that adopt a risk management approach to identify what the business relies on most will be well placed to quantify the business case to invest in resilience.
#5. Skills gap becomes an abyss for information security
While cybercriminals and hacktivists are increasing in numbers and deepening their skillsets, the "good guys" are struggling to keep pace. CISOs need to build sustainable recruiting practices and develop and retain existing talent to improve their organisation's cyber resilience.

