Yes, it’s that time of the year again, when industry analysts and commentators make their predictions about IT in general, and security in particular. We can expect all the usual – the main industry trends such as cloud and mobile will of course be in the bag, as well as potential recurrences of major security breaches – user data leaks from online sites, defacement or denial of service attacks on high-profile web sites and so on.
While it’s the same every year, this period is also a good moment to reflect on the security landscape and how well prepared we are for the year to come. While all of the above are symptoms, security breaches tend to be caused by people so a good starting point is to get into the heads of the perpetrators – the mad, bad and sad individuals that cause our organisations so much grief.
So, why do security breaches continue to happen? The first, well-documented reason is that there is financial gain to be had (as illustrated by the criminal who, when asked, “Why do you rob banks?” simply responded, “Because that’s where the money is!”). The black market for personal information or intellectual property is thriving, and organisations continue to be held to ransom by hackers.
The second reason – which has re-emerged over the past few years – is to attack sites simply to make a point. While participants in ‘hacktivist’ groups such as Anonymous may be painted as ‘martyrs to the cause’ it is difficult to ignore the likely buzz of impressing peers that goes with such high-profile attacks.
The third main reason is simple ‘having a go’, through malice or stupidity. Insider threats fall into this category, from IT support staff finding a back door into the HR database, for example, or bank clerks checking an ex-partner’s financial records, or sending inappropriate content to other employees, or examples of fraud or misappropriation of identity by ex-employees. Equally, people can take simply idiotic actions, such as running poorly designed scripts with admin privileges, or indeed, leaving computer systems wide open to external attack.
It – IT – was ever thus. So while we talk about the threat landscape becoming more complex (which it is) and the nature of breaches finding unexpected ways through our protective measures, the one certainty we have is that people will continue to act in similar ways to how they have always acted. You can expect Murphy’s Law to apply, in that the one area of security that you have inadvertently ignored will be the one that the bad guys use to get in.
So, organisations should continue to be vigilant, spare some time to think about what might go wrong and ensure they have suitable contingency plans in place, for both the services and data they rely on.
Please also take a look at my video where I talk about my predictions for the year ahead. I look forward to your comments.