A new 2015 threat report released this week by Websense reveals the shifting threat landscape and addresses the challenges security leaders face in striking the “delicate balance between being security aware and remaining business driven.”
The report shows attacks growing increasingly evasive, blending new techniques with old ones, with both human and technical threat aspects evolving dramatically over the course of 2014. Pulling data from five billion global inputs daily via the ThreatSeeker® Intelligence Cloud, eight 2015 trends that pose “significant” risks have been identified across two categories. Within the two categories, human behavioural trends and insider technique-based trends, threats include the ease of executing cyber-attacks, the elevation of IT IQ, poorly built infrastructures, the Internet of Things as a “threat multiplier,” and the trap of attribution.
To face these threats, the report suggests that “simple adjustments” will not suffice. “Holistic security posture must be reevaluated in terms of both human and technical elements,” the report states, calling for “supportive tactics [that] will require adaptive security solutions.”
When it comes to the human element, the report shows growth on “both sides of the battle.”
“On the one hand,” Websense analysts write, “threat actors are increasing both in skill level and in sheer numbers. On the other, the ongoing shortage of highly skilled personnel will require investments in IT, in people, education and tools to maximise their effectiveness.”