This was a tough year for organizations such as the UK's TalkTalk and the U.S. Office of Personnel Management, which were among a slew of organizations that suffered high-profile data breaches. And yet 2015 was likely just a preview of the kind of havoc bad actors will wreak around the globe in 2016. Among the next items on their agenda: The cloud.
"The cloud is essentially using someone else's computing power - something that hackers have a lot of experience in," says Bryce Boland, chieft technology officer for Asia Pacific at security vendor FireEye. "We expect a lot of this in 2016 - hackers are going to use the cloud for a wide variety of illegal activities, including generating network traffic, hosting exploit kits, compiling malware or even for bitcoin mining to reduce their operational costs."
Attackers are also going to start hosting a lot of command-and-control services on the cloud - for instance, using tweets as a medium to communicate with malware/botnets, Boland says in an interview with Information Security Media Group. Most companies using the cloud as part of their technology strategy don't really have consistent security controls across assets, he says. And that is going to attract a lot of attention from the bad guys.
Securing the Cloud
The best way to deal with this is to ensure that your organization is able to project the same kind of security controls into its cloud environment that it has for enterprise IT, Boland says. The other major challenge, he adds, is ensuring that the security team has visibility in the cloud environment and capability to detect these kinds of attacks (see: Cloud Security's Next Evolution?).
Among other predictions that Boland makes for 2016 are that cyber insurance, and cybersecurity due diligence before mergers and acquisitions, are going to become the norm. He also expects boards will come under increasing pressure from regulators and compliance bodies next year, making cybersecurity very much a board concern (see: Why Cyber-Insurers Will Demand Better InfoSec).
Boland believes that with the increasingly complex nature of cybersecurity defense, a shift to security-as-a-service is inevitable for many organizations, and this trend will accelerate (see: The New Demand for Managed Services). And he expects that countries might enact the cyber peace treaties they have been discussing. Nevertheless, attribution of attacks will remain a challenge.
In this interview (see audio link below photo), Boland addresses lessons from the past year and offers compelling insights on what he believes should be top priorities for security practitioners in the year ahead. He discusses:
- The development of cyber insurance as an industry;
- Cybersecurity due diligence in mergers, and the growth of SaaS;
- The challenges that are going to be difficult to address in security in 2016.
Boland has more than 16 years in information security experience. Prior to joining FireEye, he was the security CTO for UBS, responsible for security strategy and architecture. He also previously worked for ABN AMRO as a technology risk management consultant and was also a member of the ABN AMRO GCIRT and Enterprise Network Steering Committee. He has lived and worked in New Zealand, Australia, U.K., Switzerland and now Singapore.