This outlook is the result of a review of current market trends from the perspective of leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK.
The continued proliferation of sophisticated cyber attacks at every level of the supply chain is of major international concern. At the same time, consumers are rapidly increasing opportunities for attack with demand for connection to the Internet of Things. Companies, both in the US and internationally, will be pressured with stricter compliance requirements and face increased consumer backlash in the event of a breach because consumers are frequently willing to use social media to vent frustration over compromised data.
These are just a few examples of trends that underlie the global security landscape and will drive consumer and business decisions in 2015.
1. Compliance: Pressure on Businesses is Mounting. IT security budgets will increase and so will the costs of data breaches, fines and lawsuits for violations of data protection. Against this backdrop, and the increasing risk of becoming a victim of a cyber attack (see also APT), companies will have to invest in information security governance systems that are effective and geared toward the risk and also adapt their processes and tools accordingly. More often, emergency management systems will be converted into business continuity management systems.
2. Advanced Persistent Threat (APTs): More Businesses Calling on Outside Specialists. Organizations cannot successfully fend off targeted, sophisticated attacks using conventional tools and methods. Many organizations are compromised without even knowing it. That is why companies are increasingly calling on outside specialists to use cutting-edge technologies and up-to-date expertise to recognize APTs and mitigate their impact as quickly as possible. TÜV Rheinland and OpenSky expect that a security incident response team (SIRT) will be in higher demand in 2015 than ever before. That goes not only for small to medium-sized enterprises (SMEs) but also major corporations.
3. The International Patient: Medical Device Cybersecurity. Once again, the main risks in 2015 include attacks on medical devices. The theft and sale of patients’ sensitive information is driven by insurance fraud, and gaining access to medical care or prescription drugs through stolen identities. In future, the healthcare industry will become more similar to the industrial manufacturing industry by placing as much emphasis on cyber security to protect patients’ sensitive information.
4. The Internet of Things (IoT): A New Dimension in Security Risks. The IoT is painting a clear picture of things to come. Market researchers like Gartner believe that in 2015, we will already be surrounded by 4.9 billion interconnected devices. By 2025, that number is expected to reach as many as 30 billion. The IoT is being driven by trends that include the optimization of existing business models, such as marketing, via geolocation services, smart homes, connected cars, and Germany’s Industry 4.0 project.
5. Industry 4.0: Security Enforcement Is Not Optional. IT solutions for remote maintenance of facilities and equipment, smart production plants and autonomous processes, even closer linking of administrative and production-related systems, high-tech automated solutions – the need for people inside production facilities is going to dwindle more and more. Machines and workpieces will soon be making many decisions themselves by exchanging data.
6. Connected Cars: Connectivity more crucial than horsepower. Real-time maintenance information, location-based recommendations, up-to-the-minute traffic advisories, and music streaming – in 2015 connected car features will become the main selling points for buyers. According to a recent study by McKinsey, a vehicle’s connectivity is becoming more important than its performance. Cars will serve as intelligent control centers for monitoring traffic conditions, weather, hazards, and infotainment. Yet, key questions concerning data protection remain unanswered. For instance, to whom does the data belong? The owner of the vehicle, the government, or the manufacturer who collects the data?
7. The Cloud: Expansion of Public and Private Today, users want round-the-clock access to their data. The trend toward cloud computing is irreversible. Simply because of its purported indispensability, discussion about its security will continue. Cloud service providers will increasingly have to face the question of how resilient their own cloud-based security architectures actually are against cyberattacks.
In 2015, the debate over cloud security will mature. Users will learn to tell more precisely what services the public cloud can be used for and what guides the market offers to the security of cloud-based services (certificates). Besides the ever growing market for public cloud computing, private clouds are also on the rise since companies are realizing that they need to migrate in business-critical areas in order to protect their digital crown jewels.