Five Cyber Security Predictions for 2016

Information security and risk management professionals will rebel against cookie-cutter approaches to cyber security in 2016, that’s just one of many ways that prevention, detection and response to cyber threats will change in the next year, according to a new report from Forrester Research.

“Security investments based on a checklist of technology required to meet compliance fails to address underlying or existing vulnerabilities,” Forrester authors Rick Holland and Heidi Shey contend. “Assess the maturity of your security program to build a strategic road map to reach higher levels of maturity, and identify existing gaps and centers of excellence.” In particular, Forrester gives five cybersecurity predictions and resulting actions to be taken in 2016:

We’ll See Ransomware for a Medical Device or Wearable
Security and risk professionals should focus on the human factor to combat phishing; identify data assets and access paths to understand the types of data that wearables and Internet of Things devices are collecting; secure data collection as well as data analysis points, starting with medical devices collecting data and continuing to the location where analysis occurs; and re-examine existing security functions through an Internet of Things lens.

The US Government Will Experience Another Significant Breach
Forrester gives a bleak assessment of the government’s security capabilities. “It will be cyber security as usual for the U.S. government, with lower morale as federal employees question the government’s ability to protect sensitive data and hire qualified cyber security experts.” In short, the government is short-staffed, under-budgeted and lacking internal discipline.

Security and Risk Pros Will Increase Spending on Prevention by 5 to 10 Percent
“You may have heard claims that prevention is dead,” according to Forrester. “This couldn’t be farther from the truth.” The firm recommends investing in new varieties of prevention that employ “exploit” prevention techniques; being skeptical of vendors that offer only detection technologies; and maximizing existing detection capabilities before investing in new ones.

Defense Contractors Will Fail to Woo Private Industry with ‘Military Grade’ Security
Contractors see a big opportunity in the commercial sector and have been buying up complementary companies, but have difficulty understanding private-sector requirements and dynamics, according to Forrester. “Many assume that purchase orders will rain down from the heavens with the mere mention of statements like, ‘We’ve been fighting the advanced persistent threat for 15 years.’” So, question defense contractors about their commercial experience, see through the ‘Military Grade’ claims as a higher tier product, because that isn’t a given (see F-35 Joint Strike Fighter jet), and understand that a long-term commitment to commercial markets is a traditional concern when working with defense contractors.”

HR Departments Will Offer Identity and Credit Protection as an Employee Benefit
“Keeping up with the times, potential challenges associated with fighting fraud, identity theft, medical identity theft and damage to personal online reputation will drive HR pros to bring in identity and credit protection and resolution services as an employee benefit,” Forrester notes. So, build a closer relationship with HR, and revamp and jumpstart your security awareness program.

Information-Management: http://bit.ly/1TkwPkU

 

« N. Korea Employs Grads for Cyber Warfare
OPM Hack Was Criminal - Not China Government Sponsored »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

DTS Solution

DTS Solution

DTS Solution delivers advanced cyber security solutions through is technology partnerships with industry leading security vendors and advanced consulting services.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

Center for Analysis & Investigation of Cyber-Attacks (CAICA)

Center for Analysis & Investigation of Cyber-Attacks (CAICA)

The Center for Analysis & Investigation of Cyber-Attacks is one of the leading Kazakhstan organisations in the field of information and computer security.

PureCyber

PureCyber

PureCyber (formerly Wolfberry Cyber) is an award-winning cyber security consultancy whose goal it is to make cyber security accessible, understandable, and affordable for any organisation.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Raman Power Technologies

Raman Power Technologies

Raman Power Technologies focus on bringing value and solving business challenges through the delivery of modern IT services and solutions including cybersecurity.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.

DeepTempo

DeepTempo

At DeepTempo, we build AI models and related software that protect enterprises and service providers from sophisticated cyber threats.