2015 was a flagship year for cyber security. Several big events occurred in both negative and positive directions. Ashley Madison showed us that sensitive data breached to the public could have dangerous effects. Post-Snowden spying and espionage has taught us that security is more important than ever for companies and individuals. Here are some highlights of the year.
Vulnerability in Healthcare Systems
In February 2015, Anthem – one of the most prominent health insurance companies – announced that a hacker had gained unauthorized access to its IT systems. The breach exposed social security numbers, medical ID numbers, birthdays, addresses and email. Healthcare companies have older systems that aren’t updated and capable of handling newer, innovative cyber threats. It highlighted the need for older systems to be upgraded to handle massive attacks on private data.
Cloud Security Importance
Many businesses are leveraging the cloud for its infrastructure and software, but this makes data more vulnerable to attackers. Security is the biggest concern that’s somewhat halted the cloud’s growth. As more breaches reach the news, companies are deciding to keep some cloud services for the convenience and cost but keeping critical systems in-house. The recent attack on Linode highlights the danger of relying entirely on the cloud.
People Still Fall for Old Hacking Tricks
Hackers are getting smarter by targeting specific executives in an attempt to phish credentials. Malicious email attachments targeted at financial people became one of the trends in cyber threats last year. A recent report showed that people still fall for attachments and phishing, even at the executive level. The report highlights the importance of security awareness for employees to help them see red flags in email messages.
Government Agencies Have Increased Threats
Hacking has gone political. Government agencies and workers are under increased threat as hackers target government websites for political gain and even espionage. The US OPM hack was one such 2015 incident that highlighted this trend. The OPM government website officials were too lax in security and allowed a user data breach. Government networks suffer from the same old, antiquated technology as healthcare systems and are a target because of their outdated systems.
People are The Biggest Risk Factor for Corporations
Surprising to most corporations, people are the biggest risk factor to their security. This was shown as the trend in social engineering increased in 2015. Security awareness, better permissions, and detection systems are needed to prevent stolen data or lost credentials from target employees.
A Push from SEC for Cybersecurity Governance
Because of the massive data breaches in 2015, SEC (US Securities and Exchange Commission) released guidelines specific to investment firms and advisors. The guidelines come after several breaches in financial industries. The guidelines include periodic audits, prioritizing the sensitivity of information, assessing vulnerabilities and implementing the right security controls.
These were just a few trends in 2015, and the lack of security will be a driving factor for future cyber security professionals. It will also drive the way companies store data and keep security a priority in the cloud.