The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period. What follows are the nine biggest threats on the horizon through 2019 that your organization may have to manage and mitigate.
Theme 1: Disruption from an over-reliance on fragile connectivity
Organizations today depend on instant and uninterrupted connectivity, smart physical devices and trustworthy people. But that dependence makes them vulnerable to attacks on core internet infrastructure, devices used in daily business and key people with access to mission-critical information.
"We've been dependent on the internet for so very long," says Steve Durbin, managing director of the ISF. "We've gotten to the point where we view it as any other utility. If you suddenly cut off the electricity, it's a major issue. Corporations have backups in place for other utilities — generators for instance. No one has really done that for the internet. They just assume it's going to be there."
To defend themselves, Durbin says, organizations need to rethink their defensive models, particularly regarding business continuity and disaster recovery plans. Plans that rely on employees working from home won't survive attacks that remove connectivity or that target key individuals. ISF recommends that revised plans cover threats to physical safety as well as periods of operational downtime caused by attacks on infrastructure, devices or people.
Premeditated internet outages bring trade to its knees
As conflicts across the globe increase in number and severity, ISF predicts that within the next two years, nation states and other groups will seek new ways of causing widespread disruption, including internet outages at the local or even regional level. Commercial and government organizations are likely to be considered legitimate targets, and industries stand to lose millions of dollars if communications systems fail and trade grinds to a halt.
Given the increasing prevalence of 'just-in-time' supply chain models, even brief disruptions can lead to shortages, Durbin says. Financial services institutions are also vulnerable, and outages that target them could lead to cascading failures. For instance, if clearing houses (institutions that settle payments) lose connectivity, organizations across all industries may lose the ability to initiate or receive payments for the duration. Even government services like law enforcement depend on connectivity for communications.
Attacks in this realm could involve physically cutting cables (possibly undersea, where repairs could take significant time), rendering root DNS or datacenters useless, launching distributed denial of service (DDoS) attacks that harness massive botnets, or even manipulating internet addresses and routes to ensure traffic doesn't arrive at its stated destination.