BYOD, IoT among security risks to enterprises next year, says ISF
The top six information security threats in 2014 are BYOD, data privacy in the cloud, brand reputational damage, privacy and regulation, cybercrime and the Internet of Things, according to the non-profit Information Security Forum.
The forum warned that the individual threats are not "mutually exclusive" and could combine to create greater threat profiles.
"As we move into 2014, attacks will continue to become more innovative and sophisticated. Unfortunately, while organizations are developing new security mechanisms, cybercriminals are cultivating new techniques to circumvent them. Businesses of all sizes must prepare for the unknown so they have the flexibility to withstand unexpected, high impact security events," says Steve Durbin, global vice president of the ISF.
Two threats in particular should be of concern to enterprises: BYOD and the Internet of Things.
BYOD risks come from both internal and external sources, such as device mismanagement, external attacks on software holes and use of insecure business apps. "Keep in mind that if implemented poorly, a personal device strategy in the workplace could face accidental disclosures due to loss of boundary between work and personal data and more business information being held in unprotected manner on consumer devices," ISF observes.
In addition, the explosion in the number of connected machines--the Internet of Things--is opening up enterprises to security risks.
"The security threats of the IoT are broad and potentially devastating and organizations must ensure that technology for both consumers and companies adhere to high standards of safety and security," ISF notes.
Durbin concludes: "By adopting a realistic, broad-based, collaborative approach to cyber security and resilience, government departments, regulators, senior business managers and information security professionals will be better able to understand the true nature of cyber threats and respond quickly, and appropriately."
- read the ISF release