Infosecurity Europe: Some previsions for 2013 for the social media platforms
In this article, Ronan Kavanagh, CEO, SpamTitan, discusses critical security aspects related the use of social media in work places and beyond.
By Ronan Kavanagh
1. Ensuring social networking activity in the workplace is responsible and productive will become even more of a crucial issue.
How many survey results or headlines have you noticed in 2012 about our growing addiction to social networking, some people can't stop friending, poking, tagging and posting. Psychologists tell us as human beings we crave connection hence the extent of our addiction, social networking taps into a basic human need. We predict that social networking will become even more ingrained in our everyday lives in 2013, the challenge for business is how to manage this behaviour in the workplace.
Most business managers know a significant number of employees are messaging on Facebook, shopping on Amazon or watching YouTube videos and they’re not sure what do about it. Social media risk and subsequent web and network security issues will continue to be a serious concern for businesses in 2013 hence we predict a greater adoption of web protection products in the SMB sector as small and medium sized businesses start managing the risks using appropriate technologies.
2. The bring your own device (BYOD) trend will continue into 2013
The BYOD trend will continue to grow as similar consumer-driven IT initiatives become more widely accepted. The dilemma facing businesses as to how best support these devices will persist in 2013, the main issue being costs and security. We predict that many CTOs having reviewed their organisations experience with BYOD will decide that it’s not worth the pain and will look to enterprise and cloud based tools as a better alternative.
We will continue to see severe shortcomings in corporate security policies in relation to supporting devices. Regardless of who owns the device, employees must abide by corporate security policies if they are using the device for business however this requires a policy to be in place which will be a priority for many organisations in 2013. CTOs and IT departments have a lot to consider.
3. Cybercriminals will continue to get better at profiling social media users
With social networking and social commerce continuing to grow so is the level of malware attacks on social networks, these attacks aim to steal payment credentials as well as personal details. The black market value of these credentials is growing as cybercriminals buy and sell this information. Cybercriminals will continue to get better at profiling social media users so that they can monetize this information by gaining access to bank and other accounts.
Spam is still a problem, however we have seen significant changes over the past 2 to 3 years with spam email volumes falling over that period, spam now accounts for about 70% of global email volume, down from approximately 90%. 2012 has seen an increase in awareness amongst users about phishing and social engineering attacks across both email and social networks. Despite this social media will again be the platform of choice for phishing attacks in 2013.
4. Social media will be the platform of choice for phishing attacks in 2013
In 2012 both Twitter and Facebook have been the most successfully used channels to spread phishing attacks, this shift to on-line phishing is a natural response to the growth in the user communities of the main social networking sites. We see this trend continuing in 2013. Attacks via social media can be deployed speedily and cost the cybercriminal little in terms of outlay hence their attractiveness. Organizations need to implement suitable technology controls as well as ensuring employees are awareness of the dangers successful phishing attacks present.
5. As market consolidation continues end user businesses will be uncompromising in considering alternative solutions
We believe "consolidation" will be a keyword in the information security industry in 2013, the market has already seen and will continue to see massive consolidation. The vast number of mergers and acquisitions are reshaping the information security industry. This year we’ve seen some significant deals including Trustwave buying M86 Security 2012 and Commtouch acquiring Eleven GmbH.
Are acquisitions beneficial for end-user businesses? Sometimes consolidation forces end user businesses to make changes in order to address issues that arise as a result of a consolidation. As the market consolidates further in 2013, end-user businesses will benefit if they take the opportunity to scan the market and are uncompromising in evaluating other possible vendors that meet their needs. Businesses will often find that niche companies producing specialist products deliver better products with a certain enthusiasm and attention to the product that they may not have experienced before.
About the author
Ronan Kavanagh is CEO at SpamTitan.
About Infosecurity Europe
Infosecurity Europe, celebrating 18 years at the heart of the industry in 2013, is Europe’s number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia. Infosecurity Europe runs from the 23rd – 25th April 2013, in Earls Court, London. For further information please visit www.infosec.co.uk