Interviews

Infosec horizon

by Mark Rowe

The biggest risk to organisations is from known threats, according to Threat Horizon 2015. It’s the latest in a series of reports from the Information Security Forum (ISF), an information security body. According to the ISF, understanding known threats is fundamental to enterprise risk management and these threats need to be evaluated in the context of the organisation to determine risk.

Steve Durbin, Global Vice President, ISF, said: “Threats such as hacktivism and malware have been around for some time, but it doesn’t mean that they are less dangerous and that we can relax – quite the opposite. Older threats, because they’ve matured, are more dangerous and pose more risk. Known threats remain dangerous and will pose greater risk to our organisations moving forward as their sophistication multiplies and they become even more effective at compromising our information security.”

Threat Horizon 2015 is part of the annual series of ISF Threat Horizon reports that seek to offer a way for ISF members to take a forward-looking view. This in turn enables a better prepared, strategic approach to managing and mitigating risk. While many of the threats addressed in this year’s report have been around for some time, the ISF believes that this should not be reassuring. Whether the threats we face are old or new is less important than the risk they pose.

Durbin added: “Research for this year’s report found a number of familiar offenders such as organised cybercrime, social engineering, mobile devices, social networking, cloud computing and malicious software. What’s new this year is the increasing sophistication of these known threats as they mature. While some threats diminish with time, others have become even more dangerous.”

Threat Horizon 2015 focuses on the following themes:

•Cyber risk is challenging to understand and address, from CEOs that simply don’t get it to organisations struggling to find the right people
•Reputation is a new target for cyber-attacks, from insider activists who leak information, and hacktivist collectives who vote on who they dislike this week
•Criminals value your information, they’re highly motivated to obtain it, or to use what leaks out of your organisation
•The changing pace of technology doesn’t help; bring your own cloud (BYOC) and bring your own device (BYOD) also bring their own risks
•The role of governments must not be misunderstood: while they have a key role to play, they won’t lead cyber security efforts – they expect organisations to manage risks in cyberspace and prevent information and systems from being compromised

The Threat Horizon series of reports are aimed at senior business executives, up to and including board level, to help them understand the cyber threats that could have an impact on their organisations.

Information Security Forum (ISF)
Founded in 1989, the Information Security Forum (ISF) is a not-for-profit association. The ISF provides a forum.bFurther information about ISF research and membership is available from www.securityforum.org.

Related News

  • Interviews

    Safer wearables

    by Mark Rowe

    As smart watches, fitness trackers and payment wristbands are expected to account for perhaps one in five mobile payment transactions by 2020…

  • Interviews

    IT survey

    by Mark Rowe

    Most executives and IT managers don’t know the number of shadow IT apps within their organisation; but they want to. That’s according…

  • Interviews

    An interesting decade

    by Mark Rowe

    What will happen to digital privacy in the upcoming decade? asks Marco Preuss, pictured, Director, GReAT Europe. Your data is now everywhere.…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing