In another article contributed exclusively by Ivan Wen, Country Manager of Sourcefire Malaysia (now part of Cisco), Wen touches on IT security trends and predictions in 2014. Read on for full insight.
Each year, we begin to see a raft of predictions from companies, analysts and other opinion leaders on what the newest trend businesses and consumers will face in the coming year.
While predictions certainly do grab attention, seldom do they throw up any huge surprises. Of course you would not expect it any other way, after all, few things arrive unexpectedly or suddenly in the IT world. Fewer still in IT security.
The reality is that cybercriminals are professionals and hacking today is an industrial process that follows the opportunity and the money. There is a direct correlation between the popularity and the pickup of new programmes and applications, and the increase in cyber-attacks on those apps and programmes.
After all it is a numbers game. If businesses start to use a certain tool, then it is worth the cybercriminal gangs investing their time to find an exploit and way in via that tool to infiltrate the network and make money. If the application is a specialist one few use, it is unlikely to be worth the criminal’s efforts to exploit it.
Cybercrime today is not like the early days of virus writers and hackers who bragged about their exploits with friends. Today cybercrime is a serious business where actually most hackers do not want to be noticed as the longer they remain hidden in the network and are free to conduct their operations, the more information they can steal and the more money they can make.
So what are the IT business trends we see today that will be driving the cybercriminals activities next year and beyond?
Everything is moving to the cloud
While ‘cloud’ is seen as a new trend, for those of us who grew up when William Shatner was Captain James T Kirk, boldly going across the reaches of space, it’s effectively just a new name for the old practice of ‘hosting’ or Software As A Service or outsourcing. Many security companies are taking advantage of the cloud to enhance the effectiveness of their own products and services, but it also creates challenges for the IT department due to loss of governance and concerns about segmentation from other parties in the cloud, to potential data loss and leakage. There are many possible security risks to consider when deploying a cloud-based strategy.
Mobility is everything
Bring Your Own Device (BYOD) is another buzzword, however the proliferation of smartphones and tablets and other employee-owned mobile devices is that they access corporate resources outside of the control of the corporate IT function. This means it can be difficult to identify even basic environmental data for these devices, such as the number and type of devices being used, and the operating systems and applications.
Data centre’s rule the world
The data a company hosts in its data centre is very often the crown jewels of that company. By ensuring you have good visibility across the data centre, we can better understand what is happening on the network and effectively take action based on this new information. At the end of the day, better visibility allows for better protection.
Android will continue its dominance
There has been a sharp increase in malware designed for mobile platforms and kits are now being sold in the underground market to help hackers target mobile banking. Android devices, in particular, due to the open nature and less stringent security testing are directly in the crosshairs of hackers as threats proliferate and the user-base expands with little thought given to security.
If we believe these are the trends we all recognize, then we can be pretty confident that the cybercriminals will continue to look for routes to target these areas. We know that because they are already.
I can say with some confidence that the battle between IT security and cybercriminals will continue in 2014 and beyond. Criminals will look at vulnerabilities and other holes in companies’ defenses to exploit their network, and security companies will continue to plug those holes and look at new ways to thwart their activities. But what I feel completely confident about predicting for 2014 is that it is increasingly not a question of if you will be attacked, but when.
Most corporate security teams recognize that when it comes to IT security, there is no silver bullet to keep you safe, and it is far better that they plan their corporate networks assuming that they will be compromised at some point, so then it becomes a question of knowing when that happens and containing and repairing the damage to brand and reputation that results.
About Ivan Wen
Ivan Wen has been appointed the Country Manager of Sourcefire Malaysia since January 2011. In his role, he assumes overall responsibility for driving business growth and profitability of Sourcefire in Malaysia and leading the planning and strategic direction, sales and support operations of the business.He also plays a key role in increasing customer satisfaction, working alongside the Company’s network of channel partners responsible for all Sourcefire’s business operations here in Malaysia.
Mr Wen has over 28 years of sales and management experience with proven track records in several Multinational Companies (MNCs). Prior to joining Sourcefire, he was the Country Manager for Tipping Point, the network security division of 3Com.
He started his career in NCR Malaysia as a Trainee Marketing Representative and worked the ranks to becoming a Sales Director. From 1989 to 1996, he was based in NCR Singapore. In January 1998, he joined Fujitsu Malaysia as a Sales General Manager for Fujitsu Malaysia. That followed on by Mr Wen joining Lotus Sales and Services Malaysia in August 2000 and becoming the Country Manager for Malaysia. In March 2004, Mr Wen started F5 Networks Malaysian operations and led the company to a market leadership position in the Application Delivery Controller market in Malaysia.
Mr Wen holds a MBA from Henley Management College of London. He has received strings of recognitions and awards along the years.