keyboard broken lock

Security prediction for 2014: It will get worse

I hate to be the bearer of bad news, but you probably saw this coming. Multiple indicators suggest that, bad as this year has been for Internet security, 2014 will be worse. Much worse.

At least that’s the opinion of Steve Wexler, a journalist specializing in corporate technology and the leading light behind IT-TNA, an information service geared towards IT news and trends. In a Monday report, Wexler takes a look at security predictions for the coming year. “One would expect doom and gloom forecasts from security vendors – and IT industry analysts – and you won’t be disappointed.”

For instance, IDC has just this month predicted that 70 percent of chief information officers (CIOs) will increase their dependency on the cloud. While cloud-based solutions will lower costs and increase companies’ flexibility, they also increase security vulnerability. “Unfortunately for that increased risk exposure, by 2015, 60% of CIO security budgets…will be 30-40% too small to fund enterprise threat assessments,” warns Wexler.

Ant-virus leader Trend Micro sees problems as well. In a report issued last week and quoted in Wexler’s article, the company sees “the potential of a major breach each month” in 2014, according to Trend Micro CTO Raimund Genes. "We see the sophistication of threats expanding at a rapid pace," warns Genes.  "From mobile banking vulnerabilities and targeted attacks, to growing privacy concerns…2014 promises to be a prolific year for cybercrime.”

Trend Micro predicts a number of growing threats for the new year. These include more than 3 million malicious or high-risk Android apps, more man-in-the-middle attacks on mobile banking activities, and the end of support--and security updates--for the still-popular Windows XP operating system.

The Trend Micro report also focuses concern on the Internet of Everything (IoE), “which promises to be the proverbial game changer in personal technology in the years to come. With augmented reality delivered through wearable technology including watches and eyewear, the possibility of large-scale cybercrime from identity theft by 2020 is a very real possibility as the technology continues to proliferate from 2014 and beyond.”

Even the fear of lax security can make things worse. A Gartner report released in November reported that CIOs and chief information security officers (CISOs), fearful of security breaches, are turning away from enterprise risk management and risk-based information security. It’s the old fear, uncertainty, and doubt (FUD) effect, which according to Wexler, “leads to reactionary and highly emotional decision making.” Not a good way to make corporate decisions.

The good news: Organizations are putting more money into security. Wexler predicts a four-percent increase in 2014, and greater increases in future years. Not surprisingly, the US government--so adept at spying on others--is expected to increase its own digital security budget from $5.9 to $6.1 billion next year, and up to 7.3 billion by 2017.

When it comes to security, things just seem to get worse. As the old saying goes, it’s always darkest just before it goes completely black.

Subscribe to the Security Watch Newsletter