Five Cyber Security Predictions for 2016

Uploaded on 2015-12-02 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Information security and risk management professionals will rebel against cookie-cutter approaches to cyber security in 2016, that’s just one of many ways that prevention, detection and response to cyber threats will change in the next year, according to a new report from Forrester Research.

“Security investments based on a checklist of technology required to meet compliance fails to address underlying or existing vulnerabilities,” Forrester authors Rick Holland and Heidi Shey contend. “Assess the maturity of your security program to build a strategic road map to reach higher levels of maturity, and identify existing gaps and centers of excellence.” In particular, Forrester gives five cybersecurity predictions and resulting actions to be taken in 2016:

We’ll See Ransomware for a Medical Device or Wearable
Security and risk professionals should focus on the human factor to combat phishing; identify data assets and access paths to understand the types of data that wearables and Internet of Things devices are collecting; secure data collection as well as data analysis points, starting with medical devices collecting data and continuing to the location where analysis occurs; and re-examine existing security functions through an Internet of Things lens.

The US Government Will Experience Another Significant Breach
Forrester gives a bleak assessment of the government’s security capabilities. “It will be cyber security as usual for the U.S. government, with lower morale as federal employees question the government’s ability to protect sensitive data and hire qualified cyber security experts.” In short, the government is short-staffed, under-budgeted and lacking internal discipline.

Security and Risk Pros Will Increase Spending on Prevention by 5 to 10 Percent
“You may have heard claims that prevention is dead,” according to Forrester. “This couldn’t be farther from the truth.” The firm recommends investing in new varieties of prevention that employ “exploit” prevention techniques; being skeptical of vendors that offer only detection technologies; and maximizing existing detection capabilities before investing in new ones.

Defense Contractors Will Fail to Woo Private Industry with ‘Military Grade’ Security
Contractors see a big opportunity in the commercial sector and have been buying up complementary companies, but have difficulty understanding private-sector requirements and dynamics, according to Forrester. “Many assume that purchase orders will rain down from the heavens with the mere mention of statements like, ‘We’ve been fighting the advanced persistent threat for 15 years.’” So, question defense contractors about their commercial experience, see through the ‘Military Grade’ claims as a higher tier product, because that isn’t a given (see F-35 Joint Strike Fighter jet), and understand that a long-term commitment to commercial markets is a traditional concern when working with defense contractors.”

HR Departments Will Offer Identity and Credit Protection as an Employee Benefit
“Keeping up with the times, potential challenges associated with fighting fraud, identity theft, medical identity theft and damage to personal online reputation will drive HR pros to bring in identity and credit protection and resolution services as an employee benefit,” Forrester notes. So, build a closer relationship with HR, and revamp and jumpstart your security awareness program.

Information-Management: http://bit.ly/1TkwPkU

 

« N. Korea Employs Grads for Cyber Warfare
OPM Hack Was Criminal - Not China Government Sponsored »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

Wooxo

Wooxo

Wooxo provides business security and continuity solutions to protect business data for organisation of all sizes.

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF) is a business and labour market lobbying organization that promotes the competitiveness and business conditions of Finland’s most crucial export industry.

RKH Specialty

RKH Specialty

RKH Specialty, part of the Hyperion Insurance Group, is a provider of specialty insurance services including Cyber Risk cover.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

SecureLayer7

SecureLayer7

SecureLayer7 is an international provider of integrated business information security solutions with an innovative approach to IT security.

TwoThreeFour

TwoThreeFour

ThreeTwoFour provide tailored cyber security solutions, delivered by highly-skilled, experienced consultants who respond to the real needs of you and your business.

Bfore.ai

Bfore.ai

Stop future attacks, today. Bfore.ai is an operational threat intelligence feed to add predictive technology to your security infrastructure.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.

Peris.ai

Peris.ai

Peris.ai is a cybersecurity as a service startup that protects businesses and organizations from online threats.

CyberFOX

CyberFOX

CyberFOX is a global cybersecurity solutions provider focused on identity access management (IAM) for managed service providers (MSPs) and IT professionals.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

Redblock

Redblock

Redblock's mission is to eliminate the drudgery and repetitive 'eye on the glass' work done by Security Teams.