Integrity of Big Data
Data has always impacted decision making, but with the increasing popularity of big data, organizations are relying more heavily on analytics. But do we really know how reliable the data is? Sure, human error can result in some issues now and again, but that's not our biggest concern. If a hacker can breach a system to steal data, they can certainly breach a system to manipulate data as well. Corporate espionage could turn into corporate sabotage pretty easily when companies put too much emphasis on analytics. The 2015 Monaco Grand Prix is a prime example of over-reliance on data. Lewis Hamilton, the driver for Mercedes, had a significant lead for almost the entire race until there was a crash near the end. The crash slowed him down, but the data still showed that Hamilton would have enough time to pit for fresh tires and keep the lead. Anyone watching could tell there was no longer a large enough gap, but Mercedes decided to rely on the data anyway and they lost the win. This just goes to show that data should inform decisions, but not drive them (pun intended).
Mobile & BYOD
With the increased adoption of BYOD, organizations are making their systems more accessible for remote workers and employees with mobile devices. Of course, the more doors you add for entry, the more security you need. Access management becomes increasingly difficult as you add additional outside devices. Your system may recognize the outside device as belonging to "Jim," but how do you know it's actually Jim on the other end? Organization should incorporate user devices into their existing asset management policies and procedures. It's also important to inform employees of the safety risks and train them so that they can protect themselves and the company.
Cyber criminals are increasing in number and becoming more innovative, but the same cannot be said for Information Security professionals. Organizations need to retain and update their current employees as well as recruit new talent. It's important to continually train Information Security employees so that they can be prepared to handle any new security threats.
Cybercrime and Hacktivism
More criminals are moving to cyberspace and they're becoming increasingly sophisticated and coordinated. A German Security firm, G Data determined that 12 new malware strains are being created each minute. Hackers are always looking for a new way in so organizations need to start being proactive about their security instead of reactive.
Identity theft has been an issue for a while but the addition of biometric authentication techniques has added a whole new dimension to the problem. Over 5 million finger prints were stolen from OPM during the data breach in 2014. Cyber criminals have already come up with multiple ways of falsifying biometric data to bypass these new authentication methods. If biometric authentication becomes more widely adopted, we may see an increase in identity thefts.
If you are in need of Information Security training, please check out some our courses below or view our full course list here.
- Certified Information Systems Security Professional-CISSP
- ASA Essentials v3.0 (ASAE)
- EC-Council Certified Ethical Hacking and Countermeasures (CEHv9)
- Certified Information Security Auditor (CISA)
- Certified Information Security Manager (CISM) Certification
- Secure Java Coding