Information Security Forum Launches Threat Horizon 2016
NEW YORK – April 9, 2014 –– The Information Security Forum (ISF), a global, independent information security body considered the world's leading authority on cyber security and information risk management, today announced the availability of Threat Horizon 2016, the latest in a series of the organizations Threat Horizon reports. According to the ISF, revelations in 2013 that governments and their agencies have been spying on citizens in the name of national security have seriously undermined a core tenet of operating in cyberspace – trust.
"Primary analysis of data gathered for Threat Horizon 2016 resulted in an overarching theme of trust that increasingly concerns our member companies," said Steve Durbin, Global Vice President, ISF. "Disintegration of trust will result in organizations no longer being able to take for granted that governments will look out for citizens' best interests, that security solutions will deliver what is promised, and that their people will help navigate a way through."
Threat Horizon 2016 is part of the annual series of ISF Threat Horizon reports that provide a practical way for ISF Members to take a forward-looking view of the increasing threats in today's always-on, interconnected world. This in turn enables a better prepared, strategic approach to managing and mitigating risk. Threat Horizon 2016 helps to inform organizations by highlighting how the confidentiality, integrity and availability of information may be compromised over a two-year time horizon. It contains recommendations and references to other ISF deliverables and resources that can help address these risks.
"Threat Horizon 2014 highlighted that the cyber arms race would lead to a cold war. Rather than cold, this 'war' has turned hot with more governments developing offensive cyber capabilities. Threat Horizon 2015 predicted that governments and regulators will demand more of organizations in preparing for cyber threats, yet will offer little direct guidance," continued Durbin. "In this year's report, we have determined that government activities will further complicate the way organizations operate in cyberspace. We anticipate that the threat landscape will continue to widen and organizations must prepare to work in this new normal – now."
Threat Horizon 2016, which contains a business-oriented view of threats that may affect an organization over the next two years, focuses on the following themes:
- No-One Left to Trust in Cyberspace – Organizations must prepare to operate in an environment where governments no longer balance national security with citizens' and business's best interests
- Confidence in Accepted Solutions Crumbles – Organizations need to build resilience against cyber threats at a time when a number of accepted solutions are no longer viable
- Failure to Deliver the Cyber Resilience Promise – Unless Chief Information Security Officers (CISOs) evolve their skill set to ensure that they can anticipate the CEO's needs and deliver on an increasingly demanding digital agenda, they will fail
Threat Horizon 2016 contains detailed predictions along with trends and other factors that can increase or decrease the probability of the predictions coming true. The report also sets out to highlight the top 10 threats to information through 2016. These threats include, but are not limited to:
- Nation-State Backed Espionage Goes Mainstream
- A Balkanized Internet Complicates Business
- Unintended Consequences of State Intervention
- Service Providers Become a Key Vulnerability
- Big Data = Big Problems
- Mobile Apps Become the Main Route for Compromise
- Encryption Fails
- The CEO Gets It, Now You Have to Deliver
- Skills Gap Becomes a Chasm
- Information Security Fails to Work With New Generations
The Threat Horizon series of reports are aimed at senior business executives, up to and including board level, to help them understand the cyber threats that could have an impact on their organizations. The reports can also be used by information security professionals to explain threats to business audiences and to engage with them.
About the Information Security Forum
Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members.
ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that Members adopt leading-edge information security strategies and solutions. And by working together, Members avoid the major expenditure required to reach the same goals on their own.
Further information about ISF research and membership is available from www.securityforum.org