This year saw a number of remarkable events and benchmarks in cybersecurity. As we close out the year, let’s take a look back at the top five cybersecurity takeaways of 2015.
1) Cybercrime is at its most expensive, and the costs are rising.
Other than securing sensitive information, perhaps the most important aspect of cybersecurity is its potential to save companies large sums of money by protecting their data against crime. This year, however, security breaches became more expensive than ever. According to Ponemon Institute’s annual report on the cost of cybercrime, US businesses saw an average clean-up bill of $15 million, up 19% from 2014. By 2021, Ponemon predicts we’ll see an increase of 82%. Security breaches can also cause the company to take indirect hits in their profits by way of stunting stock prices or otherwise deterring investors from buying in. A company that has faced a breach might be seen as vulnerable, a liability to investment funds.
2) There’s a cybersecurity labor shortage.
In the United States alone, there are over 200,000 Ccbersecurity jobs unfilled. Cybersecurity requires highly skilled, highly technical professionals to combat threats, and the supply can’t keep up with the growing demand. The industry has been growing exponentially since 9/11, but not enough people have been training to keep up as staffing needs increase. Many are looking to women to close the gap, but until the jobs are filled, companies are left vulnerable because they don’t have the talent on deck to prevent or combat an attack.
3) Cybersecurity is in the international spotlight.
Countries worldwide are involved in the cybersecurity discussion. Throughout the year, the US and China spoke at lengths before coming to a mutual agreement against cyber espionage upon each other. Internally, the United States government is hard at work trying to protect itself from espionage and crime at-large with proposals like CISA, though they’re facing stiff resistance in the private sector. Cybercrime has become a dangerous and constant threat to Heads of State, and countries like Israel are moving cybersecurity exports to the top of their priorities in an effort to help other international governments curb the costly side effects.
4) Keep an eye on your mobile phone.
Near Field Communication (NFC) technology lets you seamlessly pay with your phone, but also places a bull’s-eye on your data. Identity theft has seen an uptick in targeting devices like the Apple Watch that use NFC to facilitate financial transactions. It’s convenient for the consumer, but leaves information vulnerable to theft. Criminals are targeting the poor verification security around accounts linked to NFC devices to conduct payment fraud, and as mobile payments are popping up more and more in our grocery and convenience stores, consumers need to be that much more diligent about the accounts connected to their devices.
5) There’s money to be made in the cybersecurity market.
The cybersecurity market is currently the fastest growing tech sector. This year it reached a new height of $77 billion and is predicted to grow by nearly another $25 billion by 2020. Similarly to the way the industry has more jobs than trained professionals, private service provider firms are popping up at an exponential rate as well. By contracting out its security, a business doesn’t have to find its own experts, and security providers can cover more ground by contracting with multiple companies. With demand growing, it doesn’t appear the market for cybersecurity will be crashing any time in the near future.
So what steps can we take in 2016 to shore up security? After the Ashley Madison hack in July, Forbes released some lessons learned that can be applied to the state of cybersecurity in 2015 as a whole.
- Understand your risk. Are you providing a service or do you have information hackers want access to? If you’re a potential target, know how to beef up your security accordingly.
- Know how much security you are promising versus how much you actually provide. Have a comprehensive understanding of your security measures, potential flaws, and how someone can exploit them.
- Know where your deleted data is going. Can it still be found even if your users think it’s gone?
- Know what your employees are doing. Can their personal activities or subscriptions be traced back to your business, making the business a target?
- Be informed about what and where you outsource. Is there sensitive data that can be accessed through a third party?
With the new year on the horizon, there are many lessons we can start to apply and help smooth out the edges on a young industry. Here’s to a happy, healthy, and more secure 2016.