Cloud and mobile computing are pushing the IT landscape further away from the organization, and an emerging Internet of Things is expanding the surface area of a defensive front already riddled with holes. Any member of an organization is subject to social engineering attacks for which leadership will increasingly be held accountable before an unforgiving public. Today’s cybersecurity trends are evolving at an overwhelming pace, but it’s not a lost cause. The enemy is not an invincible genius — he’s smart and organized, and the key to winning is simply to beat him at his own game.
Here’s a look at some of the biggest trends and what they mean for security professionals, CIOs and government leaders.
The biggest trend in cybersecurity is that IT leaders are losing control of their technology. It’s a trend that obliterates how security has traditionally worked and it can’t be stopped, said John Pescatore, director of emerging security trends at the SANS Institute. There was a time when employees used nothing but vetted equipment and software, but pressure from staff members who want to bring their own devices to the office is changing that paradigm. What’s more, servers and storage that used to be locked up in agency data centers are quickly moving to the cloud. And security professionals are still trying to catch up.
The federal government embraced the evolving cloud and mobile landscape in 2010 when the Office of Management and Budget issued its groundbreaking “cloud-first” policy. Now initiatives like the Federal Risk and Authorization Management Program (FedRAMP) ensure there’s a governance around cloud security. State and local offices are tagging close behind, Pescatore said.
Source: Government Technology