The Information Security Forum has released a new report entitles "Threat Horizon 2014: Managing Risks When Threats Collide." The theme of the report is that businesses and other organizations will experience increased security risks during the next two years because the threat environment online will continue to become more complex and extensive.
Steve Durbin, who serves as the forum's global vice president, warned that the era of single threats may be coming to an end. Security in the future may be characterized by the growing prevalence of threats that combine multiple routes of attack and intrusion. "While individual threats will continue to pose a risk," he commented, "there is even more danger when they combine, such as when organized criminals adopt techniques developed by online activists. Traditional risk management is insufficiently agile to deal with the potential impacts from activity in cyberspace."
The report discusses three different types of threat that businesses must be able to confront. External threats emanate from outside the company network and are the type most commonly perceived to be hazardous, possibly because they receive the most news coverage. The report, however, also discusses threats that originate inside an organization as well as those that can arise from the constantly changing regulatory environment. For example, the report discusses how demands for increased online transparency may actually cause system weaknesses to become more public, and hence more subject to being used by cyber criminals.