Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The Sony breach may be start of new nation-state cyberattack

Patrick Thibodeau | Dec. 19, 2014
Sony attack was unusually sophisticated, ruthless.

"You can't escape hearing about security breaches in the news today, which is one reason businesses are adding security professionals to their hiring needs for 2015," said Shravan Goli, president of Dice.

In its ongoing surveys, Robert Half Technology, a human resources consulting and staffing firm, asked 2,400 CIOs about the area where they face the most challenge in hiring. In June, security ranked third at 12%, behind applications development and networking, which were both at 17%. But when surveyed again in October, security moved to second place at 15%.

"There is no doubt that IT security has been a rising priority just over the past year and will continue to be a high priority in 2015," said John Longwell, research director of Computer Economics. In 2012, the IT security professional made up about 2% of the typical IT staff. Today, it is about 2.4%, he said.

But Charles Kolodgy, an analyst at IDC, said there is no singular event driving security spending increases.

"The overall threat environment continues to grow, but part of that threat growth is predicated on the growth of IT in general," Kolodgy said. Frances Karamouzis, an analyst at Gartner who covers IT services, said that spending on security-related IT services is jumping dramatically. "I would say it's increased over 100% if not more," she said.

Outside services are also expensive, especially when 24/7 coverage is required, and it won't replace the need for companies to hire their own security personnel, Karamouzis said.

Some see the end of 2014 as a preamble to 2015.

The real damage to companies from these big data breaches may arise from the subsequent legal actions.

Steve Hultquist, chief evangelist for RedSeal, a security analytics company, is predicting that cyberattacks next year will create a "security situation that destroys a midsize or large organization."

By "destroy," RedSeal officials mean it could come in the form of negligence damages, which could be truly huge.

Vijay Basani, CEO of EiQ Networks, which provides security intelligence and compliance services, expects to see next year an increasing number of attacks that go beyond simply stealing information.

"We will see additional Sony-like attacks where perpetrators will cause significant business disruption," Basani said. "This will be the result of intruders erasing highly sensitive data, making networks and systems inaccessible, as well as creating fear in employees by threatening to leak personal data."


Previous Page  1  2 

Sign up for Computerworld eNewsletters.