2014: The Year of Mobile Surveillance

By | March 25th, 2014|Uncategorized|

Guest Blog_032414This guest blog post comes from Camille McClane, writer and researcher based in Southern California.

Between Snowden, the NSA, the sheer amount of our private information we keep in public and the vulnerability of our personal electronics to hackers and their ilk, it’s easy to feel like we’re in an inescapable downward spiral toward absolute zero privacy. The good news is that, in 2014, it’s not all bad news. As threats try to expand, so does the technology to fight back. Here are some of the important security trends we can look forward to this year.

Increased Cloud Usage

Cloud storage already exists, but since the security parameters are so different from physical storage, more companies are going to be consolidating their information in a cloud. Not only is cloud storage more secure, it can even make your day-to-day business more efficient and is certainly worth consideration. Wouldn’t you rather have convenience and security, if possible? Cloud storage has the added benefit of creating a backup, a network and a server that is both encrypted and remotely accessible.

New Encryption Methods

What’s one of the best ways to keep sought after valuables secure inside a safe? Change the combination often. Similarly, one of the best ways to secure your data is by increasing the levels and complexity of your digital encryption. Watch for mentions of cryptographic block modes like cipher-block chaining (CBC) and output feedback (OFB), and authenticated modes like EAX, CCM and GCM, as well as new standards of access and passkey management.

Greater Internal Protections

Your security wall is only as strong as your weakest barrier to entry, and insiders still have the easiest means to disrupt a system. So what can you do about it in your business? On the security side, expect larger companies to focus on system-wide data encryption, making it harder for employees to accidentally (or intentionally) compromise the security of company data.

People Will Become More Private

At the very least, as the threats against privacy continue to grow, people will become more conscious of how they expose themselves to these threats through carelessly granting permissions to countless apps, websites and software. There is an international effort underway to educate the public in these matters, and as the individuals begin to take back some of the lost ground; it will theoretically reduce the overall risk in the process.

After all, no matter how scary the truth is, isn’t it better to know than to not? Let us know your thoughts on Twitter and Facebook, and check out our Tumblr for the latest news stories.

News Recap: 2014 Security Predictions Roundup

By | December 5th, 2013|Uncategorized|

predictions picAs 2013 quickly comes to a close, the security industry has begun making predictions for coming threats and trends for 2014. Here’s a collection of five recurring 2014 security predictions.

1. BYOD will continue to grow – and cause risks – in the workplace

More and more businesses are adopting “bring your own device” (BYOD) practices and will continue to do so next year. Entrepreneur reporter Mikal E. Belicove found that 60 percent of businesses employ a BYOD strategy because “the efficiencies offered by a mobile work force are too great to pass up, and moving the cost of access to the employee is too juicy a cost savings to ignore.” What are the threats associated with a growing BYOD workforce? According to Help Net Security, the potential risks stem from “both internal and external threats including mismanagement of the device itself, external manipulation of software vulnerabilities and the deployment of poorly tested, unreliable business applications.”

2. Internet of Things moves from buzzword to security matter

ZDNet coins the Internet of Things (IoT) as 2013’s favorite buzz-phrase and believes that 2014 will be a time to evaluate how security plays into the IoT: “If 2013 was the year that the idea of the IoT (and many practical applications) went mainstream, then 2014 is likely to be the year when the security implications of equipping all manner of ‘things’ — from domestic refrigerators to key components of critical national infrastructure — with sensors and internet connections begin to hit home.” To circumvent security disasters from occurring amidst the IoT, Help Net Security suggests that the companies making the “things” should “continue to build security through communication and interoperability” and by “adopting a realistic, broad-based, collaborative approach to cyber security” with government departments and security professionals.

3. Hackers will want to destroy data, not collect it

In the past, cyber criminals have wanted to access information for profit, but over the course of 2013 a shift occurred. The 2013 IBM Cyber Security Intelligence Index report found a rise in the number of sabotage cases versus espionage. The reason? Because vulnerabilities within organizations often leave attackers with opportunities to cause damage. InformationWeek says “in 2014, organizations need to be concerned about nation-states and cybercriminals using a breach to destroy data.” Additionally, InformationWeek noted that ransomware will begin affecting small and medium sized businesses.

4. Cyber criminals will use social networks to infiltrate businesses

Social networking continues to expand into the business sector. This being the case, attackers will prey on businesses using social networks and high-level executives participating in business networking sites like LinkedIn to compromise organizations and gather intelligence, InformationWeek says. ZDNet, too, notes that social networking will be increasingly used in 2014 to “lure executives and compromise organizations via professional social networks.”

5. Attackers will look to the cloud for valuable data

Like the IoT, 2013 was an influential year for the cloud industry, but as more businesses continue to adopt cloud technology, hackers have and will continue to find ways to exploit cloud-stored data. To protect against cloud cybercrime, senior consultant at Windstream Kent Landry predicted in Help Net Security that “cloud providers will need to be certified in cyber security standards like NIST, PCI DSS compliance, STAR certifications, and other industry checkpoints. The security industry will flourish as organizations increase investment in protecting both their data and their customers with more advanced prevention software and training.”

What are your security predictions for 2014? Let us know on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts