What Security Threats Should You Expect In 2016?

Security Threats In 2016

Chief Information Security Officers (CISOs) are at the cutting edge of cyber security and are often the first to know when a security breach has occurred. Their ability to stay one step ahead of any potential threats is crucial to their line of work, so it’s immensely valuable to take note when 25 top CISO’s discuss their security predictions for 2016.

With cloud, mobile and social platforms all becoming the new normal, there are multiple risks to consider. Most of the experts picked up on themes such as Highly Orchestrated Attacks, a greater focus on Incident Response and a need for improved Cyber Liability Insurance.

Joe Adornetto, CISO of Quest Diagnostics, revealed that three of five largest data breaches of 2015 were in healthcare, while Roota Almeida of Delta Dental explained that was due to the fact that “No other single type of record contains so much Personally Identifiable Information (PII) that is often linked to financial and insurance information and can be used for various attacks.’’ More attacks of this nature will necessarily lead to companies seeking to “offload the risk to insurance providers”, says Almeida, before concluding that “Cyber insurance will gain velocity and popularity in the coming year”.

Microsoft’s Bret Arsenault explains that effective security measures don’t have to cost a lot of money. He says “Interestingly enough, the most effective preventative actions aren’t necessarily cost-prohibitive – like robust monitoring systems, proper employee training, and a strong identity lifecycle process.” Microsoft believes in empowering its employees to create a pervasive security culture so that they make safer decisions online. Grace Crickette of the San Francisco State University agrees: “We have found that engaging non-technical managers to help deal with implementation of a security risk assessment on an ongoing basis provides the relationships that we need to be able to improve rapidly.”

Simple things make a big difference in security. E-mail and internet browsing are ‘low hanging fruit to minimize breaches’, according to Napa County’s Gary Coverdale. His advice for 2016? “Be prepared, take advantage of quick wins by properly deploying aggressive cyber hygiene and start hardening your systems by taking advantage of ‘smart’ partnering with the appropriate vendors that have the right and cost effective solutions meeting your security, privacy, and compliance initiatives.”

IBM’s David Cass managed to sum up 2015 succinctly as a year of “escalating breaches for banking, healthcare, government, media and telecommunications. No industry sector was spared, and these attacks demonstrated their destructive capabilities. Nation-state activity increased to an all-time high, paving the road for the cyber security pact with China.” He expects more of the same in 2016 but is hopeful that international co-operation will mitigate the increased security threats.

None of the CISO’s interviewed were optimistic that security threats would recede in 2016 and all predicted far more intense focus from companies and individuals alike. Vanessa Pegueros of DocuSign has the final word. “In summary 2016, will bring more breaches, more attention from the top levels and more money being spent to solve the problems as consumers become increasingly less tolerant of their data being exposed in breaches.

By Jeremy Daniel

Gary Bernstein
Managing Your Internal IT Your company's internal IT team is responsible for keeping things running smoothly, and they deserve all the support you can give them. Here are ten ways to make their lives easier ...
Rakesh Soni
Multi-tenant clouds are becoming more popular than ever because they're incredibly cost effective and easy to set up. If you're considering switching your business over to a multi-tenant cloud platform, this article is for you ...
Gary Bernstein
Test Data Management How do you test your data management systems? With Delphix, you can automate your tests by running your data against a virtual copy of your production environment. Today, the amount of data ...
Dana Gardner
Just as cloud computing initially seeped into organizations under the cloak of shadow IT, application programming interface (API) adoption has often followed an organic, inexact, and unaudited path. IT leaders know they’re benefiting from APIs -- ...
Rakesh Soni
Businesses now see the cloud as a standard, and they are always on a hunt for ways to leverage the cloud to its full potential. And if enterprises need to be competitive in the ever-expanding ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.