Learning From Past Mistakes: Predictions For Cybersecurity


From Ashley Madison to the Office of Personnel Management (OPM), hackers did not discriminate between organizations or industries when it came to unleashing cyber-attacks in 2015. This past year, data breaches affected millions of people, with headlines of a new hack appearing almost daily. On an individual level, customers’ passwords were compromised, credit card information was stolen, and private lives became public, to name a few ill-fated scenarios.

On the other hand, the organizations that were hacked lost millions of dollars, trust from their customers, and brand credibility. Many will not recover from such serious blows to their reputations. Businesses can only withstand a cybersecurity hack if they invest the time, effort, and money into response, recovery, and the future protection of the organization and its customers.

With lessons learned from 2015 in mind, here are four predictions related to cybersecurity that will make news in 2016:

1. CEO turnover will increase

In 2016, organizations will come to realize that a cybersecurity breach is inevitable, and stakeholders will point to the CEO as the responsible party when one occurs. No one is immune to cyber threats, and the sooner corporate boards and C-suite executives realize this, the better off their organizations will be.

Because cybersecurity is no longer an issue solely reserved for IT departments, the C-suite, particularly CEOs, will be held responsible for data breaches. The sophistication of cyber threats is unprecedented, requiring executives to evaluate the access of data from employees, customers, partners, regulators and vendors. As such, after a breach occurs, many CEOs will either be forced to step down or be fired.

Additionally, executives must be able to demonstrate they have taken all possible precautions to protect their customers’ data. Public expectations of transparency are likely to increase based on the increasing number of breaches. If CEOs cannot provide evidence of their organizations’ efforts, they will be swiftly replaced.

2. CISOs will be scrutinized more than ever

Corporate boards will scrutinize new CISO hires more than they had previously and more than any other C-suite position. A CISO will be expected to mitigate cyber risk and to ensure the organization maintains the philosophy and practice that compliance does not equate to security. Being compliant is important, but organizations must assume that measures above and beyond compliance are needed and have strategies in place for identifying areas in need of security improvements.


Performing penetration tests – tests where third parties are paid to infiltrate an organization’s infrastructure in order to uncover holes in security – will be one way CISOs will help arm their organizations against unfriendly hackers. Having a data breach response and recovery plan will be another way CISOs mitigate risks for their businesses and their customers.

3. Cyber insurance will become more popular

As 2015 demonstrated, data breaches are a very real and pervasive threat. Only by taking preemptive measures and proactively preparing a response and recovery strategy will organizations be able to bounce back when a breach happens to them.

Part of this proactivity will come in the form of cyber insurance. Even with executives understanding the need for a cybersecurity strategy, it is difficult to calculate all potential costs involved in a breach. Financial considerations must include both direct and indirect costs. An example of direct costs is the financial reparations paid to affected customers after a breach. Indirect costs can include the legal fees incurred while an organization is sued for these reparations.

By purchasing an insurance plan, organizations will be able to minimize the out-of-pocket costs of a breach.

4. Mobile device management (MDM) will be critical

Organizations will come to understand the threat that connected devices pose to their enterprises. Individuals are using unsecured mobile devices and cloud-based applications without realizing it, which is why MDM and its providers will play a vital role in maintaining organizational security.

Entry into an organization’s infrastructure via a mobile or connected (IoT) device can be relatively simple if the organization is not prepared. For example, if a person’s cell phone or an application on his or her cell phone is hacked and the device is connected to a company’s wireless internet system, a hacker can gain access to the company’s network.

2016 will inevitably be a year with many more data breaches, but hopefully 2015 has taught us that C-suite proactivity and strategy can minimize cyber risk. Learning from the missteps of 2015 will enable organizations to approach cybersecurity with a top-down approach, making it a priority for employees at every level.

By Larry Jones
