The Security Stories of 2013 that Will Prepare Us for 2014
As we reflect on 2013, we have much to be thankful for. However, we have also suffered through a number of significant security challenges and events. Below, I have listed a few of the more well-publicized events and explain what lessons we can take into 2014.
Violence
Violence and mass shootings continued as an unfortunate trend in 2013. The Sandy Hook School massacre in late 2012 reminded all of us just how vulnerable our schools and children can be. Schools and college campuses continue to be a source of great concern as they have become one of the new target areas we have to be concerned about.
To date, we have had 13 incidents at schools or college campuses in 2013, ranging for single incidents to multiple incidents. Locally in October of this year, we had a student allegedly kill his math teacher in Andover MA. This was a stark reminder that students don't always target students.
We also had a terrorist act domestically when the bombers struck at the 2013 Boston Marathon just before the finish line. The two separate blasts and crazy aftermath on the days after the event, resulted in 4 deaths, many seriously injured and maimed, with countless others dealing with mental and physical scars that will last a lifetime.
We had the Navy Yard shooting in September of 2013 when a lone gunman killed 12, seriously injuring 3 others.
Data Breaches
As a society, we are still extremely exposed; however, the numbers for 2013 will be much better than 2012. Last year at this time, close to 28 million records had been compromised vs 11 million this year.
Here are some of the top breaches to date for 2013:
- CorporateCarOnline.com - 850,000 Records stolen
- Adobe - Nearly 3 million PII (Personal Identifiable Information) records, more than 150 million username/password combos, and source code from Adobe Acrobat, Coldfusion were stolen.
- U.S. Department of Energy - PII stolen 53,000 records for former and current DOE Employees.
- Advocate Medical Group - 4 Million patient records stolen.
- Evernote - 50 million usernames, email address and encrypted passwords may have been compromised.
What if the plot in Live Free or Die Hard was realistic? Keep a close eye on state and local networks to ensure it stays in Hollywood.
Areas of Concern for 2014:
As we move into 2014, there are a few areas that we need to pay special attention to:
1) Mobile Devices: Smartphones and Tablets are everywhere and the race to develop the latest and best apps is a huge business, but how secure are they? Do you think twice before downloading or buying new apps. Web apps are becoming the preferred areas for attacks.
2) Medical Devices: Devices like insulin pumps or pacemakers as they are regularly connected or monitored by wireless networks.
3) The Cloud: As companies of all sizes move their critical data to 3rd party cloud services, we are told they are more secure. However, are they safer? Have you done the research or even visited the data farms your information is stored at? This is a topic that will need to be watched and reviewed for a few years to come.
4) State and Local networks and grids that control everything from traffic lights, bridges, tolls and water treatment plants have become important targets to those who want to create chaos. These will only continue to be areas that need to be evaluated and secured regularly.
While this list is far from complete, these are just a few highlights that have or may continue to occur. We always stress that security is a balance between the physical and technology we use. Ensure that you maintain a balanced approach when evaluating your personal or corporate risk.
Should you have any questions or concerns, please feel free to reach out to me