As per survey records, it has been exhibited that more high-profile targeted attacks with motivations of stealing information, making a statement and permanently destroying company data assets. An increase in large cloud-based attacks, need an immense focus on IT security.
Retailers are using EMV technology, Google Wallet and Apple pay to prevent retail related attacks, still the rate of attacks is increasing in size and number as well. The fact behind it, is the implementation of EMV is not completely adopted by enterprises in the current year, there are stillolder and newer credit card processing technologies in use. Most of the credit cards are used by the older technologies and continuing with the sameevenmerchants continue to store credit card data on their systems, which results in large scale breaches in recent years. It has been a large number of smaller breaches, where IT security is weak for stealing of data to hackers.
cyber executives and security experts are the biggest protectors.There is an immense need to look on the issues on cyber security, and if required increase the budget to protect themselves. Now, we need to see how the current market resolved this situation in a concern of cybersecurity breaches, and how responsible the Board of Directors and senior management, including the CEO. It may possible that board members and the CEO as well as the industries may face class-action lawsuits from shareholders, customers and partners whose data has been compromised in a security breach, as demonstrated in the Target breach. Additionaly, the employment of the CEO as well as other senior management will be in risk for the lack of comprehensive security oversight.We are mentally accepted that we will see more of these Target-style scenarios where the CEO and senior management will be held accountable for their companies lax security posture. There will be calls from shareholders and investors to change the board or management team in high-profile breaches. From the committee members point of view, it will be interesting to see how board members will be implementing new plans and procedures to secure themselves from responsibility in the event of a data breach. It is likely, given the types of attacks that have appeared that a regular security review will become a common practice for senior executives and board members across all size companies.
We can say that large companies will require and demand that small vendors and suppliers do business with attest to implementing security best practices as well as engage in regular review of their supplier and vendor’s security posture. Cyber insurance providers will not only audit large companies buying cyber insurance but also go downstream to audit their suppliers/vendors.
Government’s Role in cyber attacks
We expect state attorneys general and the federal government to become more active advocates of consumer protection. They will take steps to hold companies, executives, and board members accountable. Companies will no longer be able to get away with lax security practices just by providing a year of free credit monitoring services. Consumers will become more vocal and initiate class-action lawsuits holding companies accountable for damage to consumers’ credit history traced to a breach. As a result, companies of all sizes, including small and large, will begin to look for help in addressing security around the clock. Since no companies can state they are secure with 100 percent confidence, companies will begin to change their approach to security and start implementing both proactive and reactive security strategies.
Increased ‘copy cats’
It has been seen that the Sony breach has proven to be a very successful endeavor for the hackers, we can guess that we will see additional copycat Sony-like breaches in coming years. We will see significant business disruptions. This will be the result of intruders removing highly sensitive data, making networks and systems inaccessible, as well as creating fear in employees by threatening to leak personal data.Companies that do not have well thought out security plans as well as disaster recovery strategies will become headline news in current year. These industries will face debilitating business interruptions, intellectual property losses, loss of employee morale and will cost a significant price to recover from attacks.
Security professional shortage
Finally, 2015 will continue to see a shortage of trained security staff to meet the changing threat landscape. As a result, organizations of small and large sizes will look outside help and partner with security service providers.
According to the reports from Burning Glass Technologies, which creates technologies designed to match people with jobs, observed that the demand for people with cybersecurity skills has grown 3.5 times more than the demand for professionals in other computer oriented jobs. There is a need forcybersecurity professionals in both the private sector and in government.According to the need and the jobs,experienced people are difficult to find.This is a global problem, where another solution isimportingcybersecurity professionals.