There aren't enough security professionals to keep up with demand as cyber threats increase. So how does IT cope with threats over the coming year?
Global Politics
The new spy game takes place digitally. Terrorists can now easily hire or train cyber criminals. Nations like China support entire divisions of hackers. The idea of a villain making off with billion-dollar plans for the latest weapon is outdated; today it's done in minutes by a hacker sitting at his keyboard. More nations and organizations focus on this approach - it's safer, cheaper, and easier to steal someone else's work. Each organization must decide what data is most valuable and take extra security measures, such as layers of encryption, involved authentication processes, and storing data on a separate network.
Combined Threats
More resistance means cybercriminals try new methods. These include not just the occasional data hack, but strategized assaults. The Cyber Grand Challenge to be held in Las Vegas this year offers a $2 million prize to the best autonomous hacking system. With AI software, the scope and complexity of an attack could become unlimited. It's essential that security professionals stay up-to-date on the latest threats and counter-measures, with round-the-clock monitoring of network use.
PCI Training
Forms of digital payment have become the favored target of today's thieves, The latest versions of the PCI Data Security Standard guidelines are to be released in spring of 2016 and businesses are expected to observe 12 major and 253 minor requirements. That means they will have the need for PCI training in the coming months. Visa and MasterCard both expect merchants to comply. PCI DSS requires overlapping layers of security between peripheral networks, servers, business processes, separation of stored data, and 128-bit encryption on data in transit. Stronger user authentication, and plans for testing and incident reporting must be in place. It's vital that more employees are trained in PCI-related security to prevent fraud.
Business Value
Security breaches of large companies like Target or Sony make news, and risk assessment considers security issues as part of value. Public embarrassment and a lack of trust could send stock prices tumbling - something hackers are well aware of. Business management needs to be reminded of the importance of cyber security; network and data integrity are essential to the bottom line and company growth.
Each organization must identify and prioritize assets when implementing layered security, but also be mindful of regulatory compliance and customer confidence. Intelligence on the latest threats is the key to risk management.
Rachelle
