The Information Security Forum (ISF), a US-based information security body covering cyber security and information risk management, has brought out Threat Horizon 2016, the latest in a series of the organization’s Threat Horizon reports. According to the ISF, revelations in 2013 that governments and their agencies have been spying on citizens in the name of national security have seriously undermined a core tenet of operating in cyberspace – trust.
Steve Durbin, Global Vice President, ISF, said: “Primary analysis of data gathered for Threat Horizon 2016 resulted in an overarching theme of trust that increasingly concerns our member companies. Disintegration of trust will result in organizations no longer being able to take for granted that governments will look out for citizens’ best interests, that security solutions will deliver what is promised and that their people will help navigate a way through.”
Threat Horizon 2016 is part of the annual series of ISF Threat Horizon reports that provide a way for ISF members to take a forward-looking view of the increasing threats in what the forum terms an always-on, interconnected world. This in turn enables a better prepared, strategic approach to managing and mitigating risk. Threat Horizon 2016 contains recommendations and references to other ISF deliverables and resources that can help address these risks.
“Threat Horizon 2014highlighted that the cyber arms race would lead to a cold war. Rather than cold, this ‘war’ has turned hot with more governments developing offensive cyber capabilities. Threat Horizon 2015 predicted that governments and regulators will demand more of organizations in preparing for cyber threats, yet will offer little direct guidance. In this year’s report, we have determined that government activities will further complicate the way organizations operate in cyberspace. We anticipate that the threat landscape will continue to widen and organizations must prepare to work in this new normal – now.”
The authors say Threat Horizon 2016 provides a practical way for organizations to take a forward-looking view of the increasing threats in today’s always-on, interconnected world. The report, which contains a business-oriented view of threats that may affect an organization over the next two years, on the following themes:
· No-One Left to Trust in Cyberspace – Organizations must prepare to operate in an environment where governments no longer balance national security with citizens’ and business’s best interests
· Confidence in Accepted Solutions Crumbles – Organizations need to build resilience against cyber threats at a time when a number of accepted solutions are no longer viable
· Failure to Deliver the Cyber Resilience Promise – Unless Chief Information Security Officers (CISOs) evolve their skill set to ensure that they can anticipate the CEO’s needs and deliver on an increasingly demanding digital agenda, they will fail.
Threat Horizon 2016 contains detailed predictions along with trends and other factors that can increase or decrease the probability of the predictions coming true. The report also sets out to highlight the top 10 threats to information through 2016. These threats include, but are not limited to:
1. Nation-State Backed Espionage Goes Mainstream
2. A Balkanized Internet Complicates Business
3. Unintended Consequences of State Intervention
4. Service Providers Become a Key Vulnerability
5. Big Data = Big Problems
6. Mobile Apps Become the Main Route for Compromise
7. Encryption Fails
8. The CEO Gets It, Now You Have to Deliver
9. Skills Gap Becomes a Chasm
10. Information Security Fails to Work With New Generations.
The Threat Horizon series of reports is aimed at senior business executives, up to and including board level, to help them understand the cyber threats that could have an impact on their organizations. The reports can also be used by information security professionals to explain threats to business audiences and to engage with them. Threat Horizon 2016 key findings will be discussed in a webcast on Tuesday, April 15 at 2pm (GMT)/9 a.m. (ET). A recording will be available following the conclusion of the event. Register via this link, for the free webcast.
