Healthcare industry gains popularity among cybercriminals
The healthcare industry will be a key target of cyber attackers in 2015. A report by BitSight Technologies has already found that the healthcare and pharmaceutical industry ranks the lowest in terms of security performance compared to the finance, utility and retail sectors. Such data has a longer shelf life and are therefore more valuable than users' financial data which are likely to change over time. We expect to see campaigns targeting patients' records in the healthcare industry. With IoT gaining traction among organisations, there could potentially be security breaches of medical devices such as pacemakers.
Data protection laws in full force
While legal frameworks have started to be firmer, 2015 will see more rapid developments surrounding data protection law. This will put added pressure on organisations in the region to secure the data of customers. This includes coming up to internal data protection strategies such as having privileged and restricted access to more sensitive customer data.
Social media, tools as a threat frontier
Social media, along with collaborative and social tools such as Google Docs have gained traction in recent years and the trend is expected to continue into 2015. However, social media and tools are set to be the next threat vector for enterprises. Many organisations have corporate social media pages but do not have the same vigilance level when it comes to security, as compared to sensitive corporate data. Social media accounts are effectively poster children for the vulnerabilities associated with shared privileged accounts. Hackers and malicious insiders will target the passwords for these accounts, which are easy to crack and are shared among teams.
Cloud adoption drives privileged account security
Organisations have turned to cloud computing and mobile devices to stay competitive as well as increase the productivity of employees in recent years. As the use of cloud continues to grow in enterprises in the year ahead, SaaS, PaaS and IaaS will lead to an explosion of privileged accounts due to its presence of third-party vendors on internal networks. Organisations will look to enhance security of privileged accounts with more capabilities such as context-aware access controls and automatic credential management.
Sign up for CIO Asia eNewsletters.