What will create cybersecurity challenges in 2015?
Security experts at Unisys predicted even greater cybersecurity challenges in the year ahead as continued growth in the use of mobile devices and applications in the workplace, along with increased business-related usage of the Internet of Things, outpace organizations’ ability to protect their critical data.
“As devices and items such as cars and home appliances are connected to the Internet, they present more opportunities for the bad guys to get to consumers’ private data and even into their homes,” said Dave Frymier, VP and CISO at Unisys. “For better or worse, the cyber world is changing faster than the security models used by most organizations, and that will continue to leave us vulnerable to cybercriminals.”
Unisys experts said 2015 will see the public demanding new ways to protect their online identities in the wake of several highly publicized data breaches involving the personal data of millions of U.S. consumers. The introduction of mobile payment solutions like Apple Pay has begun to address this need for stronger online security protection.
“In 2015, the trend will morph from BYOD (bring your own device) to BYOID (bring your own identity),” said Terry Hartmann, VP of security solutions and industry applications at Unisys. “Consumers need a central gateway device that belongs to them and is associated with their unique identities.
“Given that most consumers already have such a device, authentication will move from the back end of transactions to the front end – the consumer’s device,” Hartmann added. “Increasingly, users’ identities will be authenticated through ID codes, IP addresses and tools such as biometric readers built into smartphones. Meanwhile, the back end will serve as an ecosystem for risk assessment.”
As mobile devices are used for Internet of Things applications such as remote control of household appliances, health monitoring devices and hotel room keys, the need to verify the identities of mobile device users will become even more urgent.
Unisys also predicted that despite the widespread publicity of recent large data breaches at major retailers, U.S. consumers, retailers and financial institutions will not readily embrace the use of chip-embedded credit cards requiring users to enter personal identification numbers when making a transaction.
“Rather, I can see consumers and retailers rapidly adopting solutions like Apple Pay because they are quicker and easier to use than a credit card,” said Frymier. “This also will save consumers the trouble of replacing lost credit cards. If a phone is lost, you can simply disable the phone and revoke the credentials stored on it.”
Unisys predicted increased use in 2015 of security analytics and data forensics tools within businesses to combat cybercriminals. Such tools can detect and respond to unusual behavior on the network, allowing organizations to respond to and recover from cyberattacks faster.
With the growing use of cloud infrastructure services and the advent of fabric-based computing, security professionals will find it increasingly difficult to segregate network traffic using traditional firewall technology, Frymier noted.
As computing platforms proliferate, data that had previously been split up and partitioned among physical infrastructure will converge in the cloud, making it more difficult for security professionals to isolate and protect their most critical data and systems. Encrypted communities of interest can help address this problem.
“Cybersecurity problems will continue to exist because technology is changing at a faster rate than organizations can put security measures in place,” Frymier said. “As long as the pace of technological innovation continues at this rate, there will continue to be unhappy discoveries of vulnerabilities like Heartbleed, ShellShock and the rolling drumbeat of ‘patch Tuesday.'”