This meant that organisations were facing new attack surfaces, and had to extend their security posture to cover these new surfaces. Many users were surprised to discover that applications in the cloud were not as secure as the cloud infrastructure. Even very popular applications like Pocket were found to be vulnerable.
Several new types of attacks grew in prominence this year. We saw an increase in mobile device malware, and SMS text messages have become a popular method for social engineering and phishing attacks. The growth in BYOD and the movement between secure corporate networks and insecure home/ public networks have made mobile devices a weak link. So it's no surprise that Allied Market Research has predicted that the global mobile security market is set to reach US$34.8 billion by 2020," adds Thiban.
Web application security remains one of the least understood attack surfaces, and it shows. According to the Verizon 2015 Data Breach Investigation Report (Verizon DBIR), the number of web app attacks increased by about 5% as compared to the previous year. Nearly two-thirds of these attacks are part of a Strategic Web Compromise, meaning that the hackers are targeting the web app in order to set up an attack on a different target. Activists and organized crime represent 81% of web app attackers," explains Thiban.
The number of DDoS attacks hit a record high in 2015. The latest State of the Internet - Security Report states that DDoS attacks grew 7 percent from Q1 to Q2 2015, and DDoS attacks increased 132 percent over Q2 2014. Most of these attacks lasted from 1-2 hours, though some lasted much longer.
IT security budgets will be insufficient for "business as usual." IT spending increased in 2015, but the budgets were more likely to be determined by C-level executives rather than technology managers, and it included spending for departments like HR, Legal, and Sales, meaning that IT spending was happening outside of the IT department. SysAdmins continue to do more with fewer resources.
Part Two of this article continues the overview of Malaysia's IT sector in 2016 and can be found at http://computerworld.com.my/tech/emerging-technology/it-industry-in-malaysia-expects-to-move-beyond-tradition-in-2016---part-2/
Sign up for CIO Asia eNewsletters.