Welcome!

Agile Computing Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Zakia Bouachraoui, Pat Romanski

Related Topics: @CloudExpo, Agile Computing, Cloud Security

@CloudExpo: Blog Post

How Information Security Threats Have Evolved | @CloudExpo #Cloud #Security

Weak points we face today and how to strengthen them

Information security has become a critical priority for many businesses over the past decade, and for good reason. It seems like a new breach is exposed on nearly a daily basis, impacting another organization and its patrons. However, some companies believe that they're safe because they're either too small or too big to be affected by any of these cyberattacks. The truth is that groups of all sizes from Target to your local dentist are being hacked or having their data compromised, and it's causing a major upheaval in the security community.

Businesses tend to also think that they are more protected than they were 10 years ago due to the advancement of safeguarding solutions. However, as security testing tools have developed, so have the threats that aim to breach the cyber walls and grab your information. Let's take a look at how information security threats have evolved, what vulnerabilities we currently face and how to strengthen overall protection.

Where we were
In order to progress, it's first important to understand where we've come from in terms of threats we've once faced and what responses we've taken to mitigate these issues. When you think of offices in 2001, you likely imagine desktops, fax machines and dial-up Internet. Back then, there were 50 million Internet users, 40 million websites and 31 billion sent emails, according to a Microsoft infographic. Hackers were focused on vandalism and denial of service, committing acts mostly for fame and exposing lax security. These individuals were mostly unfunded and unorganized and didn't have a real incentive for the audience they affected.

In this type of environment, many organizations were able to quickly adapt their security strategies or throw up a stronger firewall in order to deter these threats. It was made easier by the fact that all employees traditionally worked in one office and internal IT teams managed company-owned devices. However, things didn't stay this simple, and it's because of this evolution that the security world is going through some major changes to keep up with current technology trends.

State of security now
In the past 15 years, things have developed drastically due to hardware and software

In the past 15 years, things have developed drastically due to hardware and software advancements. Currently, there are over 3 billion Internet users and approximately 1 billion websites, according to Internet Live Stats, and research from Radicati noted that there are 215.3 billion emails sent and received every day. These are obviously major increases from the 2001 numbers, and they show just how much things have changed due to Internet improvements and the proliferation of mobile devices.

Quality software can help deter current information security threats.

As the number of hardware options have changed, hackers have adapted their game to better utilize these new end points. Cyberattackers now are well-funded professionals that often aim to take your information and control your devices. Instead of aiming for a random audience as was traditional in the past, hackers are now gunning for specific targets and have a black market available to sell information. This has created a lot of problems for organizations and has lit a fire under security providers to ensure that data is protected from current and emerging threats.

Threats aren't just external
Although there are many threats that can come from outside an organization, your employees can also contribute to your potential for a data breach. In an interview with Digital Guardian, Ashley Schwartau noted that the biggest mistakes you can make are to assume that employees know your security policies and care enough to follow them. This is especially true when considering phishing attacks and the use of business-approved applications. A report from Intel found that 43 percent of data loss occurs from internal actors, splitting evenly between intentional and accidental incidents. These numbers speak volumes to how vulnerable your staff members are and how you need to train them on the best practices to avoid issues.

Software quality linked to breaches
With the threat of employees using unapproved applications, it's important for businesses to provide them with a program that will fully meet their needs and be convenient to use. If software doesn't have the features workers need to complete their daily tasks, they'll likely turn to consumer-grade applications that will not have the security capabilities your organization requires. This would leave a gaping hole in your protection strategy and give hackers an open door to your most critical data. By conducting software security testing, you can reinforce your applications while still focusing on the functionality that staff members are looking for.

It's also important to note that software in general should be thoroughly tested to ensure better quality and mitigate any actionable defects. The Online Trust Alliance found that 90 percent of breaches could have been prevented in the first half of 2014. This can be done from a combination of educating employees, enforcing password management and conducting regular app testing. Further, CAST Research Labs found a direct correlation between data breaches and poor code quality across consumer applications. By focusing on testing and using the right tools, organizations can mitigate these threats and strengthen their overall security capabilities in the process.

More Stories By Sanjay Zalavadia

As the VP of Client Service for Zephyr, Sanjay Zalavadia brings over 15 years of leadership experience in IT and Technical Support Services. Throughout his career, Sanjay has successfully established and grown premier IT and Support Services teams across multiple geographies for both large and small companies.

Most recently, he was Associate Vice President at Patni Computers (NYSE: PTI) responsible for the Telecoms IT Managed Services Practice where he established IT Operations teams supporting Virgin Mobile, ESPN Mobile, Disney Mobile and Carphone Warehouse. Prior to this Sanjay was responsible for Global Technical Support at Bay Networks, a leading routing and switching vendor, which was acquired by Nortel. He has also held management positions in Support Service organizations at start-up Silicon Valley Networks, a vendor of Test Management software, and SynOptics.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (November 12-13, 2018, New York City) today announced the outline and schedule of the track. "The track has been designed in experience/degree order," said Schmarzo. "So, that folks who attend the entire track can leave the conference with some of the skills necessary to get their work done when they get back to their offices. It actually ties back to some work that I'm doing at the University of San...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.