As 2014 ends, many experts in the industry are giving their thoughts on what the New Year will look like from an IT security perspective. From the top ten malware threats to a growing list of security challenges, you’d be forgiven for thinking that CIOs and CISOs face an uphill battle in 2015.
Here, we look at the 3 key things that should be on your radar for the next 12 months and how, through a positive approach to security, you can overcome the most common challenges.
1. Malware will be stealthier and more evasive
Malware is a business, and like any business it will seek to overcome any disruption to revenue streams. As such it adapts quickly, evolving into stealthier, more evasive forms. With thousands of new threats emerging on a daily basis, 2015 will see malware become more targeted, harder to detect and shutdown.
With antivirus software declared ‘dead’ in 2014 due to its ability to prevent against only 50% of attacks organizations should look to employ a Defense in Depth (DiD) strategy in its place. Layering proactive technologies like Privilege Management, Application Control and Sandboxing, to predict, detect and prevent intrusion will greatly improve your security posture for the year ahead.
2. Data will take center stage
Following wide spread data loss in 2014, organizations will be looking to take control over who has access to business critical data. This starts with the user accounts and privileges through to controlling and monitoring access to files and databases with active anomaly detection. Regular reviews of user roles and access requirements should become common practice.
Take control of access to your data by employing Privilege Management technology. This, combined with other proactive defenses, can mitigate the risk of compromised data and safeguard business critical information.
3. Firms will be thinking smarter about their security
After the so-called Year of the Breach of 2014, next year will force organizations to think smarter about their security, building security from the ground up rather than relying on reactive “detective” measures. CIOs and CISOs understand there is no such thing as 100% so will be looking to prioritize those solutions which provide the biggest wins.
Having a multi-layered approach, as recommended by leading industry bodies such as SANS, Council on Cyber Security and the Australian Department of Defense is an easy and highly effective way to improve security.
Find out more about how to make your 2015 a secure one by learning more about Avecto’s Defendpoint software. You can also watch Andrew Avanessian, EVP of Consultancy and Technology Services at Avecto discussing how to balance security with user freedom via our YouTube Channel.
James Maude, Lead Cyber Security Researcher
James Maude is the Lead Cyber Security Researcher at BeyondTrust’s Manchester, U.K., office. James has broad experience in security research, conducting in-depth analysis of malware and cyber threats to identify attack vectors and trends in the evolving security landscape. His background in forensic computing and active involvement in the security research community makes him an expert voice on cybersecurity. He regularly presents at international events and hosts webinars to discuss threats and defense strategies.