
Start your year securely Part 4 - What to look out for in 2016!

Author: Tom Swift


Hi,

Tom again for the final part in our 4 part blog series on security.

For this final part, I have gathered opinions and predictions from all our security experts to help you predict what problems may lie ahead in 2016.

Expert: Adam is a Senior Network and Security Specialist at Yellowbus with over 8 years' experience, who participates actively on Twitter as @adamoll18.

Problem: Power Providers Worldwide

Solution: ‘I predict that over the next 12 months there will be an increased threat to Power Providers, whether that be individual power stations around the world or providers of Power to suppliers to those services. The repercussions of this could be massive and lead to blackouts around the world, impacting on many a company causing millions if not billions in lost revenue. Effectively it’s not if this will happen, it’s when that will be the problem.’

Following on from this initial conversation I asked for a little more information on what sorts of cyber threat these suppliers may face and was directed to an article from Cyber Security Magazine in which a particularly poignant quote stood out to me:

A cyber attack against a nuclear facility could facilitate the theft of nuclear materials or an act of sabotage leading to a catastrophic radiation release.

This, while probably the most extreme example of cyber sabotage, is still similar to the threat faced by many companies.

Expert: Michael is a Director at Yellowbus with over 15 years' experience in the IT industry. He frequently advises other IT companies on LinkedIn, where he is fast becoming a thought leader.

Problem: A common area of data that IT Admins forget is their website. Simple guides are now easier than ever to find online (for example) and I hope that in the next year whoever is responsible for a company's data security will start to invest time in this.

Solution: It is always advisable to commit to regular pen tests for any online portal you have, be it a website or any other place you save and display user data.

Michael is obviously approaching this from a background in Web and Software Development, but he makes an incredibly valid point! You can have all the security in the world in place, but if your website opens up a hole that gives access to one of your servers, then you are only as strong as your weakest link. His recommendation of regular penetration testing is incredibly sensible, although not always cheap! However, if you consider the cost to your business of being hacked, it is probably quite cost effective.

Expert: Andy has many years' experience working as a Senior Network and Security Specialist with Yellowbus.

Problem: Cybercriminals follow the path of least resistance and the easiest way for them to gain access to your precious data is usually by tricking a person into handing over the keys, not by writing a clever piece of code. Phishing attacks are growing more sophisticated all the time, as official-looking messages and websites, or communications that apparently come from trusted sources, are employed to gain access to your systems.

Solution: The targeting of high-level execs or anyone with a high security clearance is on the rise. If cybercriminals can hack a CEO’s account, for example, they can use it to wreak havoc and expose a lot of sensitive data. Educating potential targets about the dangers is not enough. You need a combination of real-time monitoring and scanning systems, with protective blocking capabilities. That said, sometimes laying down a security policy for employee education is all you need.

This is a problem we have all had to deal with, and I'm pretty sure Andy's correct in predicting this isn't going away any time soon. Education is the answer, but many people struggle to find the time to educate their employees. Internal newsletter? - Left unread in an inbox. Staff training days? - Expensive! Training lunch? - I personally like this, but it is sometimes hard to implement in companies that have operated with a strict "Lunch Hour" policy in place for a long time.

Expert: Mike is a Director at Yellowbus and has been following trends to predict and prevent potential problems. You can follow his latest thoughts here.

Problem: My prediction is that ALL governing bodies and large enterprises will make it a pre-req that ALL of their supply chain is Cyber Essentials accredited, and going into 2017+ I wouldn’t be surprised if they increased this to CE stage 2 accredited as the standard matures.

Solution: Get in touch with a company that can provide you and your partners with the tools they need to become Cyber Essentials accredited.

I talked to Mike about this in mid-2015 and he made this prediction then, so I wasn't surprised to hear it reiterated when I asked him for his biggest prediction. He did also mention that he hasn't been proved wrong yet and that more and more partners are asking for this. It is a sensible and relatively inexpensive first step to take when securing your company against a broad range of threats.

If you need help or advice on any of these subjects please get in touch! We are always available for advice via email or over the phone (01925 83 83 86). 

 

 

