Five Cyber Security Predictions for 2015

January, 26, 2015 Branden Spikes

The browser is already the undisputed champion of enterprise applications, becoming clearly the most ubiquitous and strategically important application run by employees in the workplace. However, we have only begun to scratch the surface of what can be delivered via browsers.

Surprisingly, the majority of enterprises still use internally operated IT systems and standalone applications for core business functions such as email, data processing, and engineering. In 2015, browsers are the information frontier and become the application platform for more of these core functions and many more applications.

We'll see more enterprise content delivered over SSL instead of old school corporate VPNs, and more cloud document authoring with integrated social communication. And browsers will run our apps too, such as how you can now run Photoshop and other Windows applications through the browser, you can run Google Earth in a browser, and you can even play Quake in a browser. For all of these reasons, it is vitally important to secure the browser, which has become the primary attack vector used by criminals.

As the world becomes aware that the limitless imagination and creativity of the hacking community will never be matched by detection technologies, approaches which begin with this assumption will prove most effective.

First among these approaches is Isolation, a practice involving a prophylactic barrier between the malicious software and the trusted environment. Gartner has emphasized the importance of isolation in the security lifecycle. In 2015, you can expect to see more organizations incorporate this technology into their security architecture.

For many years now we have seen giant segments of the population which have remained content with their mystification in the face of so many new-fangled gadgets and the information super-highway itself.

2015 will be the year that it became uncool to be naïve about tech. Grandmas and children alike are now getting and understanding how to use smartphones, and are realizing that ignoring security comes with a high price. This will enable more people to graduate from mobile apps to web apps, and the masses will begin to go online with more fervor. This widespread improvement of tech savvy is the prerequisite underpinning for my next important prediction.

Effective security practices must be practical, comprehensive, simple to understand, and ideally be convenient. However, 2015 will be the year that the average user will be willing to tolerate a little bit of inconvenience to ensure a greater level of security.

After the theft of iCloud data leaking hundreds of sensitive celebrity photo libraries, it is becoming trendy to be secure. For example, two-factor authentication is becoming pervasive, even where single sign-on via delegated and federated authentication already exist.

This will be the year the browser giants will spend huge sums of money trying to differentiate themselves, only to find what people really prefer is security, privacy, and trust over ad-revenue gimmicks and fringe benefits.

Particularly probable if all of the above four predictions turn out to be true in 2015, I predict that ad blocking functionality will be turned on by default in a mainstream browser before the end of the year. Comcast has already proven that ads can be substituted, and thus that ad revenue is not reliable.

The security and brand risk of hosting 3rd party assets on a website are now well known. It seems extremely unlikely that the Google and Microsoft browsers would block ads since they operate ad revenue search engines, but I wonder if Apple's Safari or Mozilla's Firefox might be the first one.

Branden Spikes, CEO CTO and Founder, Spikes Security

 

Keep informed.