February 24, 2015
When it comes to information systems security, there’s nothing simple about what businesses are up against this year.
The risk of experiencing a data breach is actually higher than ever with almost half of organizations suffering at least one security incident in the last 12 months, according to the 2015 Second Annual Data Breach Industry Forecast.
Global security incidents increased 48% from 2013 to 2014 to a total of 42.8 million detected security incidents, according to the Global State of Information Security Survey 2015.
So what will 2015 bring? Here are some security trends that will affect organizations of all sizes:
More privacy rules and regulations.
“We are seeing increasing plans for regulation around the collection, storage and use of information along with severe penalties for loss of data and breach notification,” wrote Thor Olavrud in an online information security trends story.
Stay up-to-date about privacy laws and legislation in your industry, and have a comprehensive data breach response plan.
Security is no longer just an IT issue.
“In 2015, scrutiny of corporate leadership’s management of security may continue to increase in the form of legal and regulatory action after a major incident,” noted the Industry Forecast.
Appoint a Chief Information Security Officer (CISO), and make information systems security a company-wide goal.
The growing mobile workforce.
Whether employees use company-provided mobile devices or their own, the trend to stay connected outside the office will continue to grow. All organizations are encouraged to develop good policy guidelines. Industry experts warn that a poorly implemented strategy could lead to accidental security incidents.
Insiders – the biggest threat of all.
According to the Industry Forecast, employees and negligence are the leading causes of security incidents. Organizations that implement regular information security training with employees and a culture of security committed to safeguarding data will be better positioned for success, it said.
Internet of Things.
The Internet of Things (IoT) is increasing the amount of connectivity – and vulnerability – of valuable information. But as more companies adopt interconnected systems and products, cyber attacks will likely increase.
Changing workplace policy.
Rather than just focus on information security training for employees, it’s important to embed positive security behavior into workplace routine. A perfect example is document destruction best practices. A document shredding partner will provide locked containers for the workplace so that all employees have to do is insert all documents that are no longer needed. Furthermore, a Shred-all policy removes the responsibility (and risk) of determining what is or isn’t confidential. All documents are destroyed when no longer needed.
Document management is a critical information systems security strategy. Implement these document management strategies for safe keeping all year.