Security predictions for 2016

January 2016 Editor's Choice, Cyber Security

A year in cybersecurity can seem like an eternity. But despite the rapid changes, many things remain constant. Check Point’s top three predicted security threats for 2015 were the rapid growth in unknown malware, in mobile threats, and in critical vulnerabilities in commonly used platforms (Android, iOS and others).

Doros Hadjizenonos, country manager of Check Point South Africa.
Doros Hadjizenonos, country manager of Check Point South Africa.

These were fully realised, and are likely to remain a significant threat. The cat-and-mouse game that has typified cybersecurity in recent years continues, with hackers constantly finding new ways in which to attack networks – as this year’s high-profile breaches showed.

Here are ten IT security threats and trends that I expect we will see during 2016.

‘Sniper’ and ‘shotgun’ malware

We believe that larger breaches in 2016 will be the result of custom-designed malware designed to get past the defences of specific organisations, such as the attack on US retailer Target. While generic, broad-brush attacks will continue to threaten individual users and small enterprises, hackers will raise their game when attacking larger organisations with more sophisticated security postures. They will use deeper, more sophisticated phishing and other social engineering tricks to gain access to the data that they want.

Moving to mobile

Mobile attacks continue to increase as mobile devices become more commonplace in the workplace, offering hackers direct and potentially lucrative access to personal and corporate data. Our 2015 Security Report found that 42% of organisations had suffered mobile security incidents which cost more than $250 000 to remediate, and 82% expected incidents to rise. This year has also seen several high-profile mobile vulnerabilities emerge, including Certifigate on hundreds of millions of Android devices and XcodeGhost, the first major malware infection targeting non-jailbroken iOS devices. We expect to find more major mobile vulnerabilities in the next year.

Threat prevention

In the ongoing battle between hackers and security professionals, attackers are increasingly deploying more sophisticated, custom variants of existing malware and zero-days that can bypass traditional sandboxing technology. These new attack vectors require more proactive and advanced solutions that catch evasive malware. CPU-level sandboxing is able to identify the most dangerous threats in their infancy before they can evade detection and infect networks.

Attacks on critical infrastructure

In December 2014, a steel mill in Germany was hit by hackers who accessed the plant’s production network and caused ‘massive’ damage. Also, the US Department of Homeland Security says that Havex Trojan infections had compromised industrial control systems in over 1000 energy companies across Europe and North America. Attacks on public utilities and key industrial processes will continue, using malware to target the scada systems that control those processes.

IoT and smart devices

The Internet of Things is still emerging and is unlikely to make a big impact in 2016. Nevertheless organisations need to think about how they can protect smart devices and prepare themselves for wider adoption of the IoT. The key questions users need to ask is ‘where is my data going?’ and ‘what would happen if someone gets hold of this data?’

You wear it well

Wearables like smartwatches are making their way into the enterprise, bringing with them new security risks and challenges. Organisations that permit these devices need to ensure that they are protected with encryption and strong passwords.

Trains, planes and automobiles

With modern cars featuring more gadgetry and connected systems than ever before, we need to apply protection to these in-car systems – and the same applies to the complex systems in passenger aeroplanes, trains and other forms of public transport.

Real security for virtual environments

Virtualisation has been adopted rapidly in the enterprise over recent years, whether it’s through SDN, NFV or cloud computing. Virtualised environments are complex and create new network layers, and it’s only now that we are seeing a real understanding of how to secure these environments. As organisations move to virtualised environments, security needs to be designed in from the outset to deliver effective protection.

New environments, new threats

2015 has seen the launch of a number of new operating systems, such as Windows 10 and iOS 9. Cyber-criminals will turn their attention to trying to exploit these new operating systems where updates are more frequent and users are less familiar with the environment.

To protect against multifaceted threats, security professionals are likely to increase their reliance on centralised security management solutions. With large enterprises having a plethora of different security products on their network, consolidation offers a way of reducing both complexity and cost. Having many point products and solutions quickly becomes unmanageable and can actually impede, rather than improve security, so consolidating security provides an effective way to cut complexity and make for easier management, so that new threats don’t get lost in the gaps between systems.

For more information contact Check Point South Africa, +27 (0)11 319 7267, doros@checkpoint.com, www.checkpoint.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
2020 Residential Estate Security Conference in KZN
November 2019, Technews Publishing , Editor's Choice
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

Read more...
Sentian secures funding from Imfezeko
November 2019, Sentian , Editor's Choice
Cape Town based smart security technology developer Sentian has recently secured a round of funding from Imfezeko Investment Holdings.

Read more...
A brighter future
November 2019, NEC XON, Technews Publishing , Editor's Choice
NEC XON hosted its annual summit in October 2019 at Sun City under the banner of ‘Orchestrating a Brighter World’.

Read more...
What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

Read more...
Big data operational and management requirements
November 2019, Leaderware , Editor's Choice
Big data offers huge advantages in enhancing or augmenting data, giving it added meaning and context, creating a broader perspective in which to view things, and adding to the value of data.

Read more...
GUI for fire detection systems
November 2019, FDIA (Fire Detection Installers Association) , Editor's Choice
A graphical user interface for fire detection is a graphics program that makes it easier for the operator to access all the functionalities of the fire detection system.

Read more...
Determining and mitigating risk: Where to begin?
November 2019 , Editor's Choice
Managing risk means proactively reducing the severity or seriousness of that which has not ‘yet’ occurred, says Lesley-Anne Kleyn.

Read more...
A platform approach to innovation and value
CCTV Handbook 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Moving to the platform model of doing business holds tremendous advantages for end users and smaller developers, but also for the whole technology supply chain.

Read more...
Open does not always mean easy integration
CCTV Handbook 2019, Veracitech, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Customers who opt for best-of-breed solutions will have to rely on their integrators to develop customised integrated solutions for them.

Read more...