Information security has become a buzzword with consumers thanks to high-profile data breaches at Target, The Home Depot and other national chains. Despite these changes, companies should still be ready to handle electronic incursions into their computer systems to prevent exposure of private customer and company data.
InfoWorld chief information office Thor Olavsrud warns readers of the biggest security threats from 2015 to 2017, thanks to the Information Security Forum's annual publication called Threat Horizon. Companies should be wary of different types of data breaches that use various strategies to try to break through encrypted networks.
Disruptive technology can be good for innovation and technology as new ideas and inventions create better markets for devices and software. However, the same disruptive technology can be used to invade networks and compromise a company's information security protocols.
Virtually everything is connected to some kind of information network, including smartphones, laptops and tablets. Sales of these mobile devices should outpace sales of computers by 2017, making information security an increasingly mobile problem. When technology connects to other systems with apps, wireless networks and specialized programs, companies must respond by having new information management systems in place to deal with the added workload.
Cyber security threats are backed by organizations with big budgets that often pay good money to people who can breach networks. Companies can mitigate these groups by banding together and sharing information regarding threats.
Targeted attacks in a few key areas of society could have devastating effects. In 2011, the Department of Homeland Security noted 11 of 15 critical infrastructure systems relied on GPS. If one of these GPS features go down, such systems could be thrown into chaos. Another example of a security information breach that affects society was the April 2013 hack of the Associated Press' Twitter account. Someone posted a false story that an explosion at the White House injured the president, which sent American stock markets tumbling for five minutes.
Network systems could become weaponized on a large scale. For instance, if a hacker exploits an information security weakness in Oracle programming, Apple's iOS or Cisco routers, entire Internet providers could go down. Companies should watch out for systemic vulnerabilities that cause extended outages, especially if technology firms have huge client bases that rely on a program's functionality to work constantly.
Continued support for legacy technology means outdated computer programs could be vulnerable to attacks. In 2014, 95 percent of ATMs in the United States ran on Windows XP, an operating system Windows stopped supporting that same year when it discontinued security patches for the program. Companies may not be willing to spend a lot of money to maintain or modernize legacy systems that use old operating systems, but firms should modernize as soon as possible to prevent irreversible damage caused by threats to old technology.
Despite huge breaches of customer privacy, large companies eventually rebounded later with higher stock prices. Firms should be aware that government agencies, such as the European Union, may create rules and regulations that define fault and levy fines on companies that have information security problems. Eventually, businesses may have to answer to a federal judge in an American courtroom if customer information becomes a liability rather than an asset.
Photo courtesy of Stuart Miles at FreeDigitalPhotos.net