6 security trends for 2015

  • Uses of malware are multiplying and evolving into serious threats.

  • Destructive malware is now being aimed at employee-owned devices.

  • Make sure older software is included in the security patching process.

Are you wondering what threats may await your organization in 2015? Take a peek into the future with the New Year, New Security Challenges webinar. Read below for the six security threats that AT&T security experts believe may challenge your business in the New Year, and learn what you can do.

1. Malware gets more destructive.

As DDoS attacks become less effective, malware offers hackers another avenue for doing harm. While the recent “mass destruction” malware attack on an entertainment giant is rare, other uses of malware are multiplying and evolving into serious threats. For example, with ransomware, hackers break in, encrypt data, and hold it hostage until you pay them to decrypt it. There’s no need to make the exchange in a dark parking garage; a simple digital payment completes the transaction. Early detection and offline backups can help reduce malware’s spread and impact.

2. BYOD issues heat up.

Destructive malware is now being aimed at employee-owned devices. This one is a carry-over from 2014 with a few new twists that can increase the damage. In addition to securing a single device for both personal and business use, dual personas are expanding to include multiple identities. Think about the complexity of a medical doctor’s device needing separate and protected environments for personal, private practice and hospital data. A layered end-to-end security approach and containerized identities can help address BYOD concerns.

3. The Internet of Things (IoT) evolves.

Many connected devices lack the security needed for the Internet. Often this is because a device, such as a security surveillance DVR, isn’t considered a computer that needs protection. In reality, the DVR can be infected with a botnet, letting hackers view and control video content and the device itself. The good news is that connected devices are all running across a network, where strong security measures can be applied.

4. Legacy software vulnerabilities are more pervasive.

For widespread impact, threats like Heartbleed, Shellshock and Poodle exploit the vulnerabilities of legacy security protocols or open source code used by many products. With open source now embedded in a range of connected devices, the impact can grow exponentially. For protection, make sure older software is included in the security patching process.

5. Early detection and response moves to the forefront.

Prevention mechanisms are good, but companies are shifting their focus to early detection and response. The goal is to understand what the threat is, where and who it is coming from, and why, so you can be better prepared before an attack occurs and know how to respond more quickly if it does. With applications and data located on site, in the cloud, or on virtually any connected device, you need event monitoring and threat management tools that protect assets that reside both internally and externally.

6. Hackers stepping up attacks on small and medium businesses.

Many companies use the cloud and personal mobile devices without investing the time and capital required for a holistic security strategy. Hackers are targeting these companies. Focusing on the basics of device and network protection, including anti-virus, anti-malware, firewalls, web filtering, and monitoring tools, can help provide protection against retail fraud, credit card, and customer data theft.

Have you experienced any of these security threats first hand? What security trends is your organization preparing for in the New Year? Watch the discussion or find out more about network security.


Andy Daudelin Vice President of Cloud AT&T About Andy