If we learned anything from Hollywood this year, it’s that security issues are here to stay. Security breaches are increasing in frequency and severity, and are no longer relegated to financial and consumer institutions. Breaches like Sony and Anthem signal that a wider variety of organizations are in desperate need of greater security. And one of the biggest barriers to cybersecurity is finding sufficiently qualified IT pros who can protect sensitive information wherever it’s stored. We talked to our trainers, and security rock stars – Anthony Sequeira, Keith Barker, Scott Morris, and Brian Alderman – to find out their predictions for the next big security challenges, and what IT teams should do to be prepared.
1) Expanding types of cybercrime, and increasing numbers of cyber criminals.
Anthony Sequeira: “There’s increasing interest in security breaches from all types of nefarious individuals and even entire countries interested in Cyber Terrorism. As we store more and more information in the cloud, the perceived gain and perceived harm that can be done to individuals is greater and greater – adding more numbers to would be attackers.”
2) Privilege creep and other human vulnerabilities. (Privilege Creep: As individuals move within an organization, they accrue access beyond what’s necessary for their work.)
Keith Barker: “It is much less work to perform social engineering, than to break AES-256, or DH. There are many vectors for attack. A single computer that was used for proactive security scans (by one of the admins) if compromised, could contain the details pre-cooked, regarding the weaknesses in a network or system. It would be like an early birthday present for the attacker who has compromised that computer.”
3) Balancing authentication and user experience.
Scott Morris: “2015 will be an interesting year where the pendulum balancing between simple user experience and security will be swinging around a bit. We’ll have to see where it lands, but be prepared for EVERYONE to become more security aware!”
4) Intrusion detection and prevention.
Scott Morris: “I predict we will hear a lot more about some spectacular breaches throughout 2015. I’m not happy about that, because most of the time, breaches could have been avoided completely or at least have had much less of an impact if detected earlier!”
5) Security specialization.
Brian Alderman: “The idea of securing content is complex and you simply can’t know too much about it as new security measures are constantly introduced and security hacks are constantly exposed. I think organizations should have individuals or a team of individuals dedicated to securing company and consumer confidential content.”
Why you need to be prepared
We also asked our trainers to weigh in on why IT teams should invest in expanding their security skills. Here are some of their thoughts:
Keith: “It is not a question of if a company will be attacked (from external or internal or both), but rather it is a question of when. An ounce of prevention is worth a pound of cure.”
Scott: “If you believe that security is a “set and forget” feature, then you are destined to repeat history! Security is an ever-moving target. No matter how smart you are, always assume there are smarter people out there.”
Ready to get started? Here are the CBT Nuggets security courses our trainers recommended:
CompTIA Security+: A vendor-neutral, solid foundation in network security.
Cisco Security: All our offerings on security with this vendor.
We also have vendor specific offerings for F5 and Juniper as well as Citrix and Palo Alto. These last two courses are currently in-progress and you can watch the newest videos as they come in.