VERO BEACH, FL--(Marketwired - Jan 14, 2014) - SpectorSoft, the leading provider of insider threat detection solutions, today announced its 2014 predictions for the IT security market. SpectorSoft has compiled its predictions based on thoughtful analysis of security trends and events that have taken place over the past several years, first-hand knowledge of short- and long-term enterprise security concerns, and involvement in situations where enterprises and government agencies have used its solutions to detect, investigate and even convict a number of high-profile malicious insiders.
Prediction: Like the Green movement, IT Security will become a competitive advantage in fight to win customer trust.
Historically, enterprises have avoided speaking publicly about their IT security programs due not only to corporate policies governing how vendors may or may not name them as customers but also due to their wish to avoid being perceived as having a large volume of data that needs to be protected against cybercriminals. In 2014, this attitude will change. In the same way that they promote their commitment to the Green movement to attract the segment of the population that demands environmental protections, enterprises will start to publicize their IT security programs to retain and attract the growing ranks of consumer and business customers demanding absolute levels of data security and privacy.
Prediction: Beyond the breach, C-level executives will demand increased IT security.
When major data breaches occur -- such as the recent Target disaster that compromised the personal information of as many as 40 million payment-card users -- C-level executives tend to get involved for public relations reasons and to approve sizable payments to organizations providing mitigation services. Breaches such as Target's and others that hit organizations in 2013, including NSA, Zynga, HTC Corp., The New York Times and Twitter, will force C-level executives to demand increased IT security. They will also become more concerned with security operations on an ongoing basis and support investments that provide security from both external and insider threats.
Prediction: Threat intelligence will provide real-time detection and alert capabilities.
The never-ending parade of headlines about data breaches driven by insiders and external actors demonstrates that legacy, new and advanced security solutions and intelligence are failing to detect and mitigate threats. In fact, a recent NSS Labs report revealed that only 19 out of 606 technology combinations were effective in detecting exploits. In 2014, enterprises will invest in threat intelligence -- about both insiders and outsiders -- that allows their organizations to detect threats, provide real-time alerts, and then make informed decisions about how to quickly neutralize and remove them.
Prediction: Healthcare.gov could experience an insider-driven breach.
The IT security community is assessing whether or not technology flaws in the Healthcare.gov Web applications could lead to a consumer data breach of monumental proportions. Insiders who already have access to information-gathering servers, databases and document file shares may wish to make a political statement, gain worldwide fame, embarrass program proponents or even stall progress.
Prediction: The Internet of Things will present different industries with specific challenges.
As the Internet of Things (IoT) expands to connect virtually all devices, applications and software used to conduct business, so too will the number of workers being granted access to information expand. An example of one industry that will experience significant IoT-related challenges is healthcare. The American Recovery and Reinvestment Act requires meaningful use of Electronic Health Records (EHR) by 2014. This means demand for skilled health-informatics workers could increase by as much as 20 percent to meet the new requirements, according to the U.S. Bureau of Labor Statistics. Suddenly, many paper-based practices will need EHR keepers, specialists in healthcare IT systems, or even informatics directors and consultants. Additional staff dedicated to EHR management means expanded access to some of the most sensitive and regulated information available, a situation that will increase data-breach and compliance risks to the highest levels yet seen.
Prediction: In the wake of Edward Snowden, there will be renewed focus on privileged users.
While enterprises have always had concerns when it comes to the access rights of privileged users, they have frequently failed to learn from the long string of Snowden-like breaches that occur regularly. The definition of an insider threat is the use of authorized access in an improper way. Given the amount of damage that can be caused by a highly privileged user, many companies in 2014 will start to apply significant scrutiny to the activities of users in these roles.
SpectorSoft is the leader in computer and mobile device User Activity Monitoring and analysis software. SpectorSoft has helped more than 36,000 businesses, government organizations, schools, and law enforcement agencies improve how they address security and achieve compliance across communication and computing OSs and devices. SpectorSoft solutions review security risk, audit compliance mandates, protect assets and reputation, ensure adherence to Acceptable Use Policies, and optimize productivity and efficiency. For more information, visit www.spectorsoft.com.