Keeping pace with evolving cybersecurity threats is no easy task. But emerging evidence is suggesting that consumers and IT professionals may be further behind the curve than originally thought.
One of the most important trends in both consumer and enterprise technology is the growing popularity of Internet-enabled mobile devices. According to Oracle's latest report on the mobile communications industry, smartphone owners represented approximately 70 percent of all global mobile users responding to the survey. Within this category, nearly half of respondents indicated that they have increased their data consumption within the past year, while voice and text usage have remained relatively stagnant.
Mobile applications continue to be an important draw for smartphone and tablet owners. According to Oracle research, 55 percent of respondents reported downloading a free app, while one-fourth have purchased a premium app. This trend could spread to additional platforms as well, after nearly six in 10 respondents indicated that they currently own or plan to purchase a tablet within the next 12 months.
Consumers are also demonstrating a willingness to use mobile applications for a wider range of retail and banking purposes, according to Oracle. But with these gains in productivity come increased data security risks. Despite uninhibited growth of mobile data usage, nearly seven in 10 respondents said they did not trust, or were uncertain about, the mobile security features designed to protect their sensitive information during storage and transfer.
As mobile security issues continue to stump consumers, IT administrators around the world are simultaneously struggling to secure the cloud computing infrastructure underlying some of today's most notable technological advances.
Although there is often a learning curve for Internet security professionals managing new technology, a new report from the Ponemon Institute suggested that persistent cloud security issues may actually be a factor of faulty organizational structures.
In its survey of 1,000 IT security practitioners and enterprise compliance officers, Ponemon analysts uncovered several important disparities. Approximately half of all responding compliance officers believed that cloud environments are more secure than on-premise data centers, yet just one third of IT security professionals shared those sentiments.
"While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups," research firm founder Larry Ponemon explained. "What is most troubling is the fact that while respondents feel they lack adequate technologies to secure their IaaS environments, ownership for security in the cloud is dispersed throughout the organization."
Within the study, 21 percent of compliance officers suggested that they were ultimately accountable for network security decisions, while 22 percent of IT administrators felt they should assume the role. But regardless of the precise figures, the diffusion of responsibility and lack of organizational cohesion provide an important commentary on the greater information security community.
If businesses and consumers want to take control of their data once again and protect it from targeted and incidental breaches, communication and education simply must be improved.
So far, cybersecurity awareness efforts have been primarily spearheaded by government organizations. According to the U.K. Information Commissioner's Office, growing awareness of Data Protection Act statutes may be inspiring more responsible data security practices from British businesses.
In a recent ICO survey, approximately 75 percent of responding businesses now understand their data protection obligations. This figure represents a 26 percent increase over 2010 research.
"I'm encouraged that the private sector is waking up to its data protection responsibilities, with unprompted awareness of the act's principles higher than ever," Information Commissioner Christopher Graham explained. "Businesses seem to know what they need to do – now they just need to get on with doing it."
In conjunction with progress in the business community, the ICO is also focusing its efforts at the individual level. The agency is hoping to instill the importance of data security from an early age with an updated portion of its website specifically targeting youth. The content contains easy-to-understand information regarding privacy rights and tips for avoiding the tricks and scams of hackers.
U.S. officials have also completed a similar project by declaring October National Cybersecurity Awareness Month. The initiative was directed by the National Cyber Security Alliance, a nonprofit organization dedicated to public and private sector digital security education and awareness.
"National Cyber Security Awareness Month continues to grow stronger every year in our effort to raise awareness for a very simple but powerful message: It's our shared responsibility to protect the Internet and our digital assets," noted NCSA executive director Michael Kaiser. "The wide array of participation speaks volumes about the commitment from various communities in making the Internet more safe and secure."
Cybersecurity awareness and education initiatives may not change the digital security landscape overnight. But persistent efforts and cooperation from all members of the information security community may be the only answer to lingering problems and emerging threats.
Data Security News from SimplySecurity.com by Trend Micro