The RSA Conference (RSAC) is the world’s largest security event, providing the latest security trends, predictions and threats. Below, we highlight three key topics from the 2016 RSA Conference:
- Internet of Things (IoT) security
- Encryption and privacy
- Lack of cyber security talent
1. IoT Security Threats
Michael Brown, CEO of Symantec, stated that IoT devices are expected to grow from five billion to 50 billion within the next five years.
As IoT devices, such as beacons, wearable devices, smart lights and locks, continue to expand in the workplace, businesses must prepare for the added risks that come along with them. Having multiple devices connected not only to each other, but the company network, increases the risk of hacker’s gaining access to systems and data, if left unsecured.
For example, nearly 70% of people that own wearable devices do not protect them with passwords or passcodes. If employees bring these devices into your workplace unsecured, you run the risk of critical information being compromised. Businesses need to enforce strong IoT security measures, such as:
- Professional installation. Work with a vendor that has the necessary expertise, insurance and certifications to properly coordinate with IT teams and ensure accurate equipment configuration.
- Vendors that have security in mind. Unfortunately, not all IoT vendors have security in mind. Before purchasing, evaluate products and services to determine if they can encrypt network communications, enable password/passcode protection, and regularly support updates.
- Network firewalls. Installation of network firewalls and antivirus software can add an extra layer of protection, preventing hackers from gaining access to critical systems and devices. Remember, when installing these systems, update regularly to avoid weak networks and outdated protection.
2. The Need for Encryption and Privacy
As technology continues to evolve, so will the security measures needed to protect new devices, equipment and systems. The CEO of the International Association of Privacy Professionals, Trevor Hughes stated, “Technology will continue to change our definition of privacy and our expectations of privacy."
For example, Apple recently refused to unlock the San Bernardino shooter’s iPhone to release information to the FBI. Situations like this question the future of technology and individual’s security rights. Michael Chertoff, co-founder and executive chairman of The Chertoff Group, stated, "Encryption is going to be a key element in a strategy to secure all of this going forward."
Although encryption is not a new form of security, it is a growing necessity to secure sensitive information and ensure privacy in today’s tech-driven world.
3. Lack of Talent in Cyber Security
The Internet provides your business with convenience and easy access to information, but increases risk when networks, devices and systems are not properly protected.
To avoid threats, quality cyber security talent must be present. According to a report conducted by ISACA and the RSA Conference, 59% of respondents cited that half of cyber security and information specialists hired lacked the proper qualifications.
Analysts believe the lack of qualified specialists may be a result of increased usage of automated solutions and the ever-shifting landscape of cyber crime. When hiring a cyber security specialist or partner for your business, ensure candidates can:
- Configure and support systems, such as firewalls and antivirus software.
- Conduct security audits to ensure systems are properly protected.
- Defend systems against unauthorized access to networks or devices.
- Perform risk and security analyses.
- Provide recommendations for security updates.
How do you ensure your business is keeping up with the latest security trends? Share in the comments.
Image Source: Perspecsys Photos