Too many businesses assume that the internet will be around forever. But that's faulty thinking, and an impractical business practice, says Steve Durbin, managing director of the Information Security Forum. Over the next two years, he says, businesses that don't come up with ways to operate without the internet will be crippled by attacks and disruptions that take them offline.
"We need to be looking at alternatives to when the internet isn't there," Durbin advises during an interview with Information Security Media Group (click on link beneath image to listen). "And that, for some organizations, will be very, very difficult, because they are so dependent upon it."
But Durbin says organizations need to push the envelope, and fast. Over the next two years, the ISF, a not-for-profit association that researches and analyzes security and risk management issues, now in its 10th year of publishing the annual Threat Horizon report, predicts that nation-state actors and cybercrime groups will employ new methods for creating disruption, including internet outages.
"We've seen a significant amount of internet downtime over the last 12 months, the cost of which is in the region of $2.5 billion," says Durbin, , a featured speaker at ISMG's Fraud and Breach Prevention Summit in Atlanta April 25 and 26.
The Three Ds of Doom
Disruption, distortion and deterioration are the three most concerning attack themes the ISF has identified for the next two years.
In addition to online outages and takedowns, the ISF also predicts that an overreliance on data will pose significant challenges and risks as well.
"We're much more susceptible to things like misinformation being spread," Durbin says. "And one that worries me much more is the falsification of information within some of our databases. We're producing so much data, it's very, very difficult for organizations to ensure the integrity of that information. And we use that data for all sorts of business decisions."
During this interview, Durbin also discusses:
- Concerns about effectively managing data and access to sensitive information in the cloud;
- The global impact of emerging regulatory mandates, such as the European Union's General Data Protection Regulation, which takes effect in May 2018; and
- Why the use federated identity and access management is expected to grow, and quickly.
At the Information Security Forum, Durbin's main areas of focus include the emerging security threat landscape, cybersecurity, mobile security, the cloud and social media across both the corporate and personal environments. Previously, he was a senior vice president at the consultancy Gartner.