This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
As we welcome the year of the monkey, it's a good opportunity for the security community to reflect upon lessons learned over the past year and examine the challenges and opportunities ahead.
Cyber attacks are becoming more aggressive and costly. With compromised privileged accounts as a common denominator in nearly every major cyber attack, last year we witnessed a significant uptick in awareness - across IT and executive teams - around the importance of prioritising privileged account security. Demonstrating this increased awareness, our annual Threat Landscape survey found that 61 percent of respondents cited privileged account takeover as the most difficult stage of a cyber attack to mitigate, up from 44 percent from the year prior.
Cyber attacks are no longer limited to attackers seeking to steal credit card information. The motivations can vary from espionage and black mail, to wanting to send a message. Today virtually all organisations have data that could be viewed as valuable to an attacker and are vulnerable to a breach. Take for example the data breach that happened to Hong Kong toy maker VTech. As more devices are connected to the Internet and companies increasingly collect personal information about their customers, it's easy to see why such attacks can be expected to increase. Closer to home, cyber-security crimes in Singapore, including theft of confidential business information, are estimated to exceed S$1 billion in value annually.
Organisations must adopt the mindset that they will be breached, and develop security strategies with the realisation that it's not "if," but simply a matter of "when." There are a number of emerging risks to watch in the coming year. While not an exhaustive list, we expect these issues to get attention in the coming months.
1. Hitting close to home, data breaches will get increasingly personal
The recent VTech data breach highlights consumer privacy issues in a very powerful way. The breach exposed personal information, photos and chat logs of 6.4 million children - and prompted parents around the globe to take a hard look at the seemingly innocuous, Internet-connected toys their children have access to. Within weeks of the breach, headlines emerged revealing vulnerabilities in other popular children's toys, including Hello Barbie and Hello Kitty. Despite this jarring wake-up call, an Altimeter Study indicates the vast majority (87 percent) of consumers still don't even know what the term "Internet of Things" even means. This lack of awareness will need to change quickly. While consumers should properly educate themselves on the potential dangers of Internet-connected devices - from tablets and toys to smart thermostats - it is the responsibility of manufacturers to design with security in mind, and not put time-to-market ahead of protecting their customers. Manufacturers also need to put in place stronger controls for protecting the data that is collected from these devices and who has access to it.
Sign up for CIO Asia eNewsletters.