‘This time it’s personal’ will be the motto of 2015 as cyber criminals are predicted to become more selective in the way that they target victims.
According to Stephen Bonner, a partner in KPMG’s cyber security practice, the next 12 months will see criminals move away from mass spear-fishing tactics in favour of highly-targeted ‘campaigns’ based on the data trail people leave in their online lives.
“Over the past year, the Internet of Things took its first tentative steps into the mainstream,” said Bonner, “but consumers’ willingness to adopt the latest trend has come at a price. Their desire to be seen has overtaken their desire to be secure, meaning that we can expect organised crime to find new ways in which to make money in our increasingly digitised society.”
Bonner continued: “It’s possible that our willingness to share and shop online will let criminals become more selective about who they target. They will not need to maintain the current ‘hit and hope’ approach of spear phishing, instead only attacking specific users and computers based on the data these give away about their owners.”
According to Bonner, the result will be a business world in which cyber protection matures and where Governments come together to improve ways in which confidential data is secured.
“2014 may have been a year in which hardly any time went by without news of a cyber attack,” asserted Bonner, “and the next 12 months will be no different. This time, however, third party assurance will become a burgeoning industry as firms seek to protect themselves against lawsuits for loss of data or revenue. As part of this, my hope is that EU Governments will reach agreement on data protection legislation in a post-Snowden world and implement a data breach disclosure regime.”
In conclusion, Bonner explained: “Ultimately, cyber defence will be akin to a game of whack-a-mole with more emphasis on spotting attacks, more sharing of intelligence in near real-time and enhanced efforts by companies and Governments to counter and disrupt cyber attacks as quickly as they can. However, to win the game a change in mindset is needed, with security teams necessarily having to reinvent themselves by engaging with the business to really understand its priorities and justify the budget, in turn ensuring that their efforts are focused on defending key business assets while being seen as an enabler for doing business in the digital world.”