2015 promises to be an interesting year in cyber security. Iād like to offer some predictions.
Global Surveillance and Privacy
New revelations about global surveillance will continue to generate debate in 2015. The vast number of documents provided by Snowden will keep journalists busy for some time to come. So far the material has focused on the U.S. and U.K. governments, although it is likely that we will be hearing more about Australian, Canadian, and New Zealand involvement this year.
While some governments have been victims, most appear to embrace the Internet as a mass surveillance platform and are only likely to object when significant national interests are threatened. Law enforcement and intelligence agencies will continue to press for additional powers and to legitimize their current surveillance operations. Governments will focus on protecting their more sensitive agencies and economically important corporations while the rest will be left to fend for themselves. Personal privacy will continue to erode.
Privacy concerns will not achieve a critical mass in Canada during 2015. The upcoming federal election, either in the spring or autumn, will occupy the political agenda in Canada for most of the year. The conflict between the law and order agenda and personal privacy rages on in Canada. Politicians will avoid issues such as privacy and global surveillance until after the election.
What we will definitely see this year is the launch of several new surveillance-resistant technologies and services, some of which started development in 2014. What remains to be seen is how rapidly they will be adopted and how governments will respond. It is unlikely that they will become mainstream in 2015.
Major Security Breaches
The tidal wave of payment card breaches will continue to sweep across the retail landscape. While the retail sector has undoubtedly learned from the massive breaches of 2013 and 2014, the significant changes required to combat this type of crime have not yet occurred.
Large retailers have tremendous tasks ahead, including re-architecting their networks, deploying more secure point of sale systems, hiring more security professionals, and empowering them to get the job done. Applying point solutions may help in the short term, but as long as criminals are able to profit from stealing payment card information a highly motivated threat will remain. Protecting their information systems requires major investments that many retailers are not yet prepared to make.
The recent massive security breach at Sony should serve as a warning to other corporations. Attacks of this magnitude will become more frequent, but perhaps not as public. Intellectual property theft will be a strong motive as well as disrupting companies for financial or ideological reasons.
Advanced Threats
In the past year there has been much finger pointing over high-profile hacks such as the current situation at Sony. Some blame North Korea, while some believe another actor is to blame. Exposed in 2014 was that criminals and governments generally use the same tradecraft for computer and network exploitation. In 2015 it will become increasingly difficult to differentiate state-sponsored attacks from those perpetrated by resourceful criminals. From a defensive security perspective they look the same.
Email and web browsers will continue to be the major attack vectors in 2015 because they work. However, as defences to these vectors improve, others like hardware and software supply chain attacks will become more prevalent.
Traditional anti-virus software provides little meaningful protection from advanced threats, and in 2015 the security value these products provide will continue to decline. Corporations will slowly shift spending away from anti-virus subscriptions, opting instead for free alternatives such as Windows Defender in Windows 8.
Products that detect advanced malware by executing samples in virtual environments were heralded as the forefront of advanced threat protection in 2013 and 2014. They will decline in value this year as targeted malware authors refine techniques to evade them. An arms race will result and the cost of operating this class of product will increase while the security value provided decreases.
Products that bring strong policy-based execution control to the endpoint ā in other words advanced whitelisting ā will become more popular in 2015. This approach will prove much more effective than traditional antivirus or automated systems that attempt to detect malware. Adoption will take some time because implementing this type of solution requires IT organizations to adopt more disciplined approaches to software and patch management.
Finally, most organizations will come to the realization that it is extremely difficult to prevent all intrusions and that they must prepare for that eventuality. Evolving products that use big data techniques to perform security behaviour analytics and detect suspicious behaviour will make a strong showing in 2015.
This article was originally published at IT in Canada Online.