If you are a security professional like me, you probably wind up speaking passionately about an attack vector, a cyber-incident or trends in information security from time-to-time.
As such, you probably get approached to opine on a summary of what frightens you the most, and how to drive to sum navigable preventative steps.
Having said that, I’m certain I live my life in fear of many things, but there are a few items which clearly have my attention and they are as follows:
Concern One: Attacks which kill. Cyber-attacks will one day lead to the loss of life through nefarious ways to attack people individually. Yes, this concept has been conjectured for years through demonstrations of the ability to attack all sorts of ‘things,’ from pacemakers to trains, to automobiles and now aircraft systems. It appears to me that the course of a cyber-attack leading to the loss of life is irrevocable and the question is only a matter of when and not if.
Concern Two: Apathy and numbness in security decision-making. Ironically, even though press about attacks and awareness is at an all-time high, it appears that a certain degree of lethargy has set in with regard to a ‘sense of urgency’ in doing the ‘right’ thing – – as many find the pursuit, in the end, fruitless. I fear that the numerous business executives are abandoning the mental exploration of how to secure endpoints and other points more effectively and have succumbed to the idea that they will either one day be a victim or have already joined victimhood.
Concern Three: More Critical Infrastructure Outages: It’s not hard to see how one of the world’s most advanced countries will experience widespread cyber-attack disruptions to critical infrastructure services such as the following:
- Power Generation
- Water Supply
- Cell, Telephone or Television (Cable) Delivery Services
- Police or First-Responder Networks
Concern Four: Comeuppance of Cyber-Hostage Taking. There has been a long history of cyber-ransom activity, however 2014 broke new ground with nefarious groups taking hostage digital assets or services until certain demands are met, which might not be in financial forms. In at least one case this has led to business failure.
Concern Five: Cyber Attack laws begin to be adopted en mass – including nationalistic-rules. Faced with an ever increasing dissatisfied and frustrated constituency and state-sponsored espionage, governments will begin the process of setting laws on cyber-attacks and begin to dictate network traffic flows, security levels at critical infrastructure companies, acceptable data processing domiciles, and providing rules on what constitutes acceptable internet behavior.
Just like creepy clowns that haunt the dreams of many children (and sometimes adults), there are numerous cyber threats lurking around every corner, waiting for the opportune moment to strike. Are you prepared?