After the Year of the Mega-Breach, Two New Trends in Information Security

Written by: |
 
After a year of repeated, large-scale data breaches, businesses are adopting new information security trends to help better protect their sensitive data. 
 
"Ever since Target and Sony were breached, it has caused organizations to very much stand up and take notice," says Renee Bradshaw, senior marketing manager at NetIQ, a software company that provides IT system management, security management, and performance management.
 
At this year's RSA conference, the computer security industry's largest gathering, RSA president Amit Yoran stated plainly that the information security industry's approaches to combatting cyber attacks (InfoSec) have failed. With a 27 percent increase in data breaches from 2013 to 2014, it's clear that what the security industry has been doing isn't working.
 
New trends in information security, however, could bring change.  Whether it's providing insurance to help clients recover after a data breach, training employees to better spot threats, or encouraging the exchange of information with government agencies, businesses are starting to approach information security in a different—and potentially more successful—way. 
 
Here are the details on two InfoSec trends and what they could mean for consumers:

After the Year of the Mega-Breach, Two New Trends in Information Security

Money-back guarantees and other product liability protections


WhiteHat Security and FireEye, two data and website security companies, have introduced new protection for clients that suffer breaches while using their services. WhiteHat Security offers a money-back guarantee of up to $500,000 for clients that suffer a breach through a bug missed by the company. FireEye has been certified with a U.S. Department of Homeland Security program that ensures its clients cannot be sued in the wake of a cyberattack. 
 
According to Bradshaw, with the rise in breaches in 2014, many businesses may want to invest in data security but do not have the budget to do so. The hope is that if companies know they will be protected financially in the case of a breach, they may be more likely to invest in better information security. And more businesses practicing stronger data security could mean better protection of consumer information in more industries.
 

Employee Education


Many businesses are looking to prevent breaches by securing one of their biggest weaknesses: people. 
 
"A lot of organizations feel that it is very important to train their business users on how to recognize phishing emails," says Bradshaw. Phishing emails aim to trick consumers into "verifying" or "updating" personal information or clicking on a link that leads to malware designed to steal data from a device or network. According to the Verizon 2015 Data Breach Investigations Report, 23 percent of users open these messages, and 11 percent click on the attachments. 
 
Phishing attacks have been common for years, but Bradshaw says that many employees remain oblivious to their red flags, and cybercriminals are making them more inconspicuous to avoid detection. Employees who are trained to recognize a cyberattack could potentially stop a breach, and fewer breaches would mean less exposure of sensitive consumer data.
 

Steps for consumers


These trends in information security don't have to stay in the business sector. According to Bradshaw, "A lot of the things businesses do to protect themselves can be translated to the home consumer." Talk to your family about phishing attacks, and share your knowledge of good security habits to help everyone in your household to help better protect their data and their identities.
 

With a 27 percent increase in data breaches from 2013 to 2014, it's clear that what the security industry has been doing isn't working. $portalUtil.addPageDescription($seo-description.getData(), $request) $portalUtil.addPageKeywords($seo-keywords.getData(), $request)

Buy Now

Medical Identity Theft

Protect yourself from medical identity theft. Learn how to detect and prevent your personal identity from being used for unauthorized medical services.

How Secure is Your Email?

If an outsider were to gain access to your email account, he or she could use the information stored within it to abuse your identity.

"I definitely feel like someone stole something from me...I felt very much violated."

Catalog and 1-800 orders quickly pile up when Pat's identity is stolen.

Common Questions

What is identity theft? How do criminals use your personal information against you? Find out here.