The security industry is certainly never dull. While we may be fighting the same battle, that battle is always evolving. Despite the fact that items on a list of top security challenges of 2013 make the same list for 2014 those challenges have changed. A lot has happened in the last year, and while we may be facing many of the same challenges, hopefully we are attacking them in a new way. Let’s take a look at few of the top challenges from last year and how they look going into the New Year.
In 2013 the challenge was putting stronger passwords into place and enforcing stronger user-created passwords. There are challenges in how to educate and how to enforce strong password regulations. Unfortunately, this challenge wasn’t met in the past year.
In the coming year, the focus will likely be less on creating stronger passwords and more on finding a viable alternative to passwords altogether. With organizations like Petition Against Passwords fighting for the elimination of the password and companies like Motorola debuting electronic tattoos and other products aimed at eliminating passwords, it feels like a good time to take on this challenge.
Transferring critical systems to the cloud while cloud security processes and solutions were still being developed was seen as a top security challenge in 2013. The question focused on whether cloud services were up for providing greater security and reducing risk for users.
Going into 2014, cloud storage is commonplace for technical and non-technical consumers alike. Anyone using an iPhone has the potential to back up to iCloud, and even for the layperson who doesn’t understand how the cloud works, it’s a seemingly trusted, less expensive and more convenient way of getting services and storing data.
So how is the cloud doing on security? Not bad, actually. Some people believe cloud security is outperforming that of in-house security for data stored on laptops and other devices. Breaches of data stored on the cloud are much lower than those involving corporate data centers, lost devices and even theft of physical data. Cloud vendors are beginning to focus on security, and their focus keeps data safer than some company IT departments can.
Distributed Denial of Service Attacks (DDoS)
A higher risk of attacks was expected in 2013, and that prediction turned out to be right. DDoS attacks increased in numbers and in size in the past year, by eight-fold in just the first three months of 2013. The frequency of attacks increased as well the volume of individual attacks, creating problems for legitimate traffic handling, routing and other networking equipment.
Despite the uptick in attacks in 2013, many businesses are still unprepared to deal with DDoS attacks. A recent study by Corero found that companies are under investing in security infrastructure and haven’t done much to ensure the systems they do have in place will work. Most don’t have a dedicated DDoS response team in place. It doesn’t look like this challenge is going anywhere in the New Year.
Without doubt 2014 will offer up some new challenges for the security industry as we continue to work on the lingering challenges from 2013. We are not going to be bored.
What are the biggest security challenges you’re facing?