Scoop has an Ethical Paywall
Work smarter with a Pro licence Learn More

Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

CyberArk Makes Security Predictions for 2015

For Immediate Release
CyberArk Makes Security Predictions for 2015

Singapore. January 23, 2015 – CyberArk (NASDAQ: CYBR), the company that protects organisations from cyber attacks that have made their way inside the network perimeter, today outlined its security predictions for 2015.

Sony is not an anomaly
In terms that Sony is being called out for in terms of poor security are very common across enterprises. The prevalence of poor password policies is mindboggling – CyberArk sees this all the time when we meet with prospective customers at large Global 2000 enterprises. Unknown/undiscovered service accounts, privileged passwords that have not been changed in as many as 25 years! Exploitation of privileges allowing attackers undiscovered on a network for months/years.

Reign of the insider threat
The insider threat is expected to take centre stage, with greater sophistication, in the security landscape in 2015 as they have proven to be the quickest way to breach networks and steal data. Rogue employees today not alone collaborate with external cybercriminals and are armed with sophisticated technologies. Organisations will start to be more aware that insider threats cost more than being breached by an external attacker, and continue to invest more in behaviour indicators and classifying data and monitoring access.

The Kevin Bacon effect of Remote Access
The ‘six degrees’ that separate attackers from your IP / data often include a vendor with access to your systems or other remote access. Threat investigators have traced attacks to non-traditional targets such trucking companies and all types of professional services firms, from management consultants and auditors to litigation attorneys, frequently as a key step in an attack on a business partner. Our research shows 60 per cent of businesses now allow third-party vendors remote access to their internal networks. Of this group, 58 per cent of organisations have no confidence that third-party vendors are securing and monitoring privileged access to their network
The Internet of Things (IoT) in enterprises
In 2015, enterprises will start to adopt devices that communicate with each other, giving rise to the Internet of Things (IoT). According to Gartner, 4.9 billion connected things will be in use next year, an increase of 30 per cent from 2014. Security issues surround IoT will also gain traction due to the fact that these devices are not inherently secure which could potentially lead to device hacks or data leakages. Organisations will increasingly be concerned with who manages and operates these devices, and technology approaches to manage the security and risk of IoT.

Advertisement - scroll to continue reading

Are you getting our free newsletter?

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.

The emergence of more severe banking threats
Malware targeting the banking industry is expected to be more advanced in 2015. Other than the usual phishing and social engineering attacks, banking malware used by cybercriminals are expected to be stealthier, being able to hide on networks, targeting privileged accounts. They will also have capabilities such as being able to steal users' credentials, along with harvesting data to send back to command-and-control systems used by cybercriminals. This will prompt enterprises to invest is safeguarding and restricting access to data on networks.

Healthcare industry gains popularity among cybercriminals
The healthcare industry will be a key target of cyber attackers in 2015. A report by BitSight Technologies has already found that the healthcare and pharmaceutical industry ranks the lowest in terms of security performance compared to the finance, utility and retail sectors. Such data has a longer shelf life and are therefore more valuable than users' financial data which are likely to change over time. We expect to see campaigns targeting patients' records in the healthcare industry. With IoT gaining traction among organisations, there could potentially be security breaches of medical devices such as pacemakers.

Data protection laws in full force
While legal frameworks have started to be firmer, 2015 will see more rapid developments surrounding data protection law. This will put added pressure on organisations in the region to secure the data of customers. This includes coming up to internal data protection strategies such as having privileged and restricted access to more sensitive customer data.

Social media, tools as a threat frontier
Social media, along with collaborative and social tools such as Google Docs have gained traction in recent years and the trend is expected to continue into 2015. However, social media and tools are set to be the next threat vector for enterprises. Many organisations have corporate social media pages but do not have the same vigilance level when it comes to security, as compared to sensitive corporate data. Social media accounts are effectively poster children for the vulnerabilities associated with shared privileged accounts. Hackers and malicious insiders will target the passwords for these accounts, which are easy to crack and are shared among teams.

Cloud adoption drives privileged account security
Organisations have turned to cloud computing and mobile devices to stay competitive as well as increase the productivity of employees in recent years. As the use of cloud continues to grow in enterprises in the year ahead, SaaS, PaaS and IaaS will lead to an explosion of privileged accounts due to its presence of third-party vendors on internal networks. Organisations will look to enhance security of privileged accounts with more capabilities such as context-aware access controls and automatic credential management.


About CyberArk
CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including more than 35 percent of the Fortune 100 and 17 of the world’s top 20 banks – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikvah, Israel, with U.S. headquarters located in Newton, MA. The company also has offices throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
GenPro: General Practices Begin Issuing Clause 14 Notices

GenPro has been copied into a rising number of Clause 14 notices issued since the NZNO lodged its Primary Practice Pay Equity Claim against General Practice employers in December 2023.More

SPADA: Screen Industry Unites For Streaming Platform Regulation & Intellectual Property Protections

In an unprecedented international collaboration, representatives of screen producing organisations from around the world have released a joint statement.More

 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.