1. BYOD will continue to grow – and cause risks – in the workplace
More and more businesses are adopting “bring your own device” (BYOD) practices and will continue to do so next year. Entrepreneur reporter Mikal E. Belicove found that 60 percent of businesses employ a BYOD strategy because “the efficiencies offered by a mobile work force are too great to pass up, and moving the cost of access to the employee is too juicy a cost savings to ignore.” What are the threats associated with a growing BYOD workforce? According to Help Net Security, the potential risks stem from “both internal and external threats including mismanagement of the device itself, external manipulation of software vulnerabilities and the deployment of poorly tested, unreliable business applications.”
2. Internet of Things moves from buzzword to security matter
ZDNet coins the Internet of Things (IoT) as 2013’s favorite buzz-phrase and believes that 2014 will be a time to evaluate how security plays into the IoT: “If 2013 was the year that the idea of the IoT (and many practical applications) went mainstream, then 2014 is likely to be the year when the security implications of equipping all manner of ‘things’ — from domestic refrigerators to key components of critical national infrastructure — with sensors and internet connections begin to hit home.” To circumvent security disasters from occurring amidst the IoT, Help Net Security suggests that the companies making the “things” should “continue to build security through communication and interoperability” and by “adopting a realistic, broad-based, collaborative approach to cyber security” with government departments and security professionals.
3. Hackers will want to destroy data, not collect it
In the past, cyber criminals have wanted to access information for profit, but over the course of 2013 a shift occurred. The 2013 IBM Cyber Security Intelligence Index report found a rise in the number of sabotage cases versus espionage. The reason? Because vulnerabilities within organizations often leave attackers with opportunities to cause damage. InformationWeek says “in 2014, organizations need to be concerned about nation-states and cybercriminals using a breach to destroy data.” Additionally, InformationWeek noted that ransomware will begin affecting small and medium sized businesses.
4. Cyber criminals will use social networks to infiltrate businesses
Social networking continues to expand into the business sector. This being the case, attackers will prey on businesses using social networks and high-level executives participating in business networking sites like LinkedIn to compromise organizations and gather intelligence, InformationWeek says. ZDNet, too, notes that social networking will be increasingly used in 2014 to “lure executives and compromise organizations via professional social networks.”
5. Attackers will look to the cloud for valuable data
Like the IoT, 2013 was an influential year for the cloud industry, but as more businesses continue to adopt cloud technology, hackers have and will continue to find ways to exploit cloud-stored data. To protect against cloud cybercrime, senior consultant at Windstream Kent Landry predicted in Help Net Security that “cloud providers will need to be certified in cyber security standards like NIST, PCI DSS compliance, STAR certifications, and other industry checkpoints. The security industry will flourish as organizations increase investment in protecting both their data and their customers with more advanced prevention software and training.”