Recent Trends and 2016 Outlook
2015 was another landmark year for the information security world, which was dominated by the ever-changing threat landscape. We saw new and sophisticated malvertising campaigns and a shift in hacktivists’ tactics. There was an increased scrutiny on vendor and third-party security practices as a result of several large breaches, as well as growing concern over the lack of security awareness training programs for employees. The availability and accessibility of data and information, as well as the ease of use of hacking tools, means anyone with access to an Internet-connected device can launch an attack, putting all businesses – not just large corporations – at risk.
The Internet of Things (IoT) is expanding in a dramatic way, bringing to question the issue of availability versus security, as security measures are having a difficult time keeping pace with the development of IoT devices. If threat actors attack a network that also controls a building’s access points, then that cyber attack is a physical attack as well. Threat actors could lock employees out, allow unauthorized people in, or steal data that could be used in a greater social engineering attack.
Today’s companies must take a unified approach to both cyber and physical security, recognizing that while they may not ever fully converge into one, their operations are becoming increasingly reliant on one another to be successful. It is more important than ever for companies to invest in a more robust cyber security posture.