September 1, 2015
The Future of Cyber Security
As the Internet has become part of our daily lives, the specter of identity fraud has also become increasingly common, so cyber security is something we all need to think about carefully and take seriously.
What is identity Theft?You can define identity theft or fraud as the use of key pieces of personal information about someone by a fraudster. Such personal information can include something like a driver’s license number or a Social Security number. Alternatively, a hacker may gain access online to your credit card information or your bank account details. The fraudster may use the information to obtain goods and services in the name of the victim, imposing the cost on them and often running up sizable debts. Social security card information could be used to falsely gain employment under your name. In a worst case scenario you could end up with a criminal record if your identity is stolen and misused, although on verification of your identity such an issue will be resolved.
What is being done?
Educational providers have stepped up in the battle against cyber theft, offering a range of courses to meet the demand from the IT industry for qualified security professionals. One such example is the MSIT Degree from the University of the Potomac. The course includes a concentration in Cyber Security, with an emphasis on teaching students to better respond to cyber attacks and to better understand the role of good leadership in cyber security. Leadership in cyber security is critically important for identifying current and future threats and how better to combat them. The obvious manifestation of leadership in terms of cyber security originates at a government level, and to be fair to the US government it has been at the forefront in promoting good cyber security and identifying what needs to be done. As cyber threats grow and evolve, the need for educated professionals with the ability to lead from the front is increasingly clear.
Government is where action on a whole range of issues is initiated and governments have a responsibility to protect their citizens from cyber attacks. In the US, action on cyber security ranges from information campaigns, such as those run by the Federal Trade Commission (FTC) urging citizens to take measures to protect their identities online, to national security strategy aimed at protecting the country and key systems from cyber warfare. Internationally, the situation is less clear. Although many countries take cyber security seriously, there are some jurisdictions where the authorities don’t like the resources necessary to secure online activities or, worse still, actively look the other way, enabling cyber thieves to act with impunity. There needs to be a greater level of global cooperation on cyber security going into the future.
Another factor in terms of cyber security is that cyber attacks are increasingly being used as a “weapon of war” as states try to outdo each other. In response, a 2013 executive order by President Obama set in motion baseline security standards in respect to critical national infrastructure. In 2014, the US government published a voluntary cybersecurity framework and in more recent times the White House launched a Cybersecurity Legislative Proposal, with the objective of promoting better information sharing on cybersecurity between public and private sectors. The Obama administration held a summit at Stanford University in February 2015, bringing together key government, academic, and private sector individuals to discuss how better to protect businesses and consumers from cyber attack.
Cyber Security and the Future
You are likely well aware of the threats to our computers from hackers because that is where the focus has been since cyber threats became a reality. However, as technology has evolved the mobile device has become part of the picture, especially with the invention of tablets and smartphones. Unfortunately, many people do not take the same precautions on mobile devices as they do on desktop or laptop computers and there is a need for greater awareness of mobile security. On an organizational level, cloud computing has become a reality, but it too poses security threats. The reality is that security systems that worked during the era of the client server do not meet the needs of the mobile-cloud era. Security professionals need to be proactive in creating security strategies that enable the confident use of mobile and cloud technologies, in the expectation that security will not be comprised. One of the most straightforward ways of promoting security is to keep staff up to date on what represents risky behavior online and how to stop it. The same applies to the education of consumers and citizens.
Organizations are increasingly aware, also, that the cost of a data breach is something that is best mitigated rather than paid for after the attack has done its damage. According to research from the independent research organization the Ponemon Institute, a data breach carried out in 2014 cost, on average, $3.5 million. This represented a 15 percent increase over the cost of the average data breach in 2013. You do not have to be an accountant to realize that such a cost is one that many organizations can ill afford. There is a greater awareness, therefore, of how important it is to factor sufficient cyber security measures into a budget. Estimates by the leading technology research company Gartner put global information security spending for 2014 at $71 billion in total, an increase of 7.9 percent. The expectation is that this figure will increase by an additional 8.2 percent in 2015 to reach $77 billion in total.
Personal responsibility is important, of course, and the best advice you can take about being online is to be vigilant and to take the greatest care to protect your identity and personal details from being compromised or stolen. To stop yourself from becoming a victim of a cyber-security compromise, experts recommend that you carry out periodic checks of your credit report to ensure there is no fraudulent activity and that you never give out personal information in response to an e-mail that arrives unsolicited in your inbox. Use antivirus and malware software and keep it up to date. By taking these precautions, along with the continued development of security measures, consumers and businesses alike will be able to avoid cyber security problems in the future.