While most IT security professionals are well aware of the nature of cyber threats, many lack the predictive insights to pre-emptively do anything about new threats. Addressing that issue usually means turning to vendors who have proven expertise in the infosec domain. Case in point is San Jose based FinalCode, a company that specializes in bringing ease of use to securing data files. FinalCode has done extensive research into the nature of cyber threats and has some relevant predictions as to what may happen in 2017.
FinalCode Director of Sales Makoto Mizuyama said “We saw a constant stream of breaches in 2016 ranging from the embarrassing, such as the exposure of email addresses, to the ominous, such as IoT-based distributed denial of service attacks, to the manipulative, such as Russian hacking during the presidential campaign. The year’s bad news was capped in December with the announcement that one billion Yahoo accounts have been compromised.”
While those events are well documented, it may only be an indication of what is to come in the future, and that is where FinalCode is attempting to make an impact on the InfoSec market. For FinalCode, achieving that impact comes in the form of educating infosec professionals and by providing the tools to protect data. FinalCode is making it well known that rising challenges are facing those charged with protecting data. First and foremost, the company is warning the industry about the impact that the disappearance of the enterprise perimeter is having. Mizuyama said “The growth of cloud and mobile computing and the disappearance of the enterprise perimeter is exposing data to a rapidly growing attack surface. The opportunities for data exfiltration by attackers or accidental exposure also are growing along with it. As data becomes more mobile, organizations must separate file security from their storage, transport and collaboration platforms to provide the type of persistent security controls for all users, internal and external.”
With that in mind, it becomes clear that protecting data is becoming an ever-growing challenge, a challenge that will only become more complicated if FinalCode’s predictions bear true.
The company has identified the following trends that will impact infosec:
- Misinformation and fake news: Propaganda and information warfare are not new, but their role in the 2016 presidential campaign demonstrated just how powerful a weapon information can be. Misinformation can be effective and easy to use, and we can expect it to be a common feature in public discourse in the coming year. Information that is stolen, leaked or otherwise exposed can be manipulated and used for unintended purposes. Even accurate information can be misused to damage or embarrass the source organization or a third party. If it is not accompanied by the appropriate controls, information in the hands of an outsider can be edited or altered to create a false impression. Data today must be protected not only as a valuable asset, but as a potentially dangerous weapon.
- The insider threat: As perimeters disappear and information becomes more mobile, the definition of an “insider” has become much broader, extending beyond your own employees. Contractors, suppliers and customers can all have legitimate reasons to access your data. All of them represent an insider threat, either from the potential for malicious activity or from simple human error. All of these people—and increasingly, machines as well—are using your information. This makes it imperative that information be secured throughout its lifecycle, in use as well as in storage and transmission, and regardless of who is using it.
- Protecting your files: Data has value when it can be used, and collaboration helps businesses to succeed. Unfortunately, collaboration also introduces significant risks. Organizations must comply with government and industry requirements for security and privacy, and the more people who have access to data the greater the risk of exposure. Data must be protected wherever it is in use. “Organizations need file protection products that offer appropriate levels of control for the internal users and the variety of external users requiring access to sensitive and/or regulated information,” said Andrew Kellett, principal analyst for infrastructure solutions at Ovum.
Events of the past year show that it probably is a matter of when, not if, your organization suffers a data breach or leakage. Mizuyama adds “you do not have to leave your sensitive information exposed to hackers, insiders or human error. Seamless persistent file security can give you complete control of your data, wherever it is or who has it.”
With those security challenges in mind, FinalCode has introduced some new products that are aimed at equipping infosec professionals with the means to keep data protected. You can read more about those products here: