While a post about new year predictions may be….well….predictable, I’m hoping the outlook we have for the next year will provide some new insight into what government and business executives and their cybersecurity professionals should be focusing on.
In 2015 I think we’ll see more attacks on private companies aimed at obtaining customer data and generally wreaking havoc with the companies affected. The impact of these attacks is felt the most in the financial sector (average cost per company of successful cyber attacks is $20.8 million) and we expect that impact, combined with the direct access to finances of customers, will make this sector the golden egg for increasingly sophisticated hackers.
On the other end of the sophistication scale, phishing attacks will both continue and grow in complexity. Once thought of something that only older, less savvy computer users would fall for, phishing will go mainstream. As this article points out, if ICANN can fall for a scheme, no one is immune.
Finally, we see that credential theft will rise with passwords becoming the new currency of hacking. With layered security being implemented, this password/credential level access will be critical for bad actors to get at the data they are looking for. There are a number of password alternative technologies coming to market as well as new solutions for truly authenticating users. These will all be critical in stemming inappropriate access to key systems.
We’d love to hear your thoughts on these predictions as well as your ideas for what will be big in threat prevention in 2015 in the comments.