Created on 2015-12-21 15:58
Published on 2015-12-21 23:01
Subset of article recently published by Security Current, CISOs Identify the Biggest Security Challenges as They Enter 2016, December 20, 2015.
This year (2015) brought more successful email social engineering/phishing attacks, especially at SMEs, due to increased sophistication and difficulty in detection by filtering solutions and employees. This led to increased advanced malware, also difficult to detect by existing, signature-based solutions.
The number of connected devices increased, which added additional stress to overworked and understaffed IT for managing increased vulnerabilities. And, although financial institution cybersecurity regulation has increased, it has also matured; more FIs are doing better at communicating cyber risk to the board, leading to better protection of key organizational assets.
Next year (2016) will bring advancements in evolving technologies, including the coalesced use of data analytics, machine-to-machine communication of indicators of compromise, and artificial intelligence through deep learning, to more quickly prevent, detect, and respond to attacks. Regulation will continue increasing and evolving, and institutions will reengineer networks, enhancing security controls with advanced tools, focusing on the inner layers and key organizational assets.
Organizations will continue migrating to the cloud for compliance, cost savings and lower risk; however, this will also decrease agility and control. Sadly, many SMEs, some large enterprises, and a few cloud providers will see breaches of confidential information leading to identity, intellectual property, and/or financial theft, as the battle between good and evil rages on.