Jan 11, 2015

Concensus of 2015 security predictions

I find many security predictions unusable, uninteresting and often just pure marketing material or even misleading. Just for the fun of it, I still like to see the big picture of latest predictions. As in previous years I got security predictions from ten different companies and instead of reading them all, I just put all predictions together and created a word-cloud from combined text.

I used predictions from the same companies as last year: Fortinet, Information Security Forum, Kaspersky, Microsoft, Sophos, Symantec, WatchGuard, Websense, Trend Micro and FireEye.

Here's the "concensus" word-cloud:

2015 security predictions















Compare that to last year's predictions:

2014 security predictions
















Couple of observations. The big ones - as in previous year - are data, devices, mobile and malware. There's a bit more focus on information now, not just data. In 2015 cyber is back. It was big on 2013 list, but less so last year. On the other hand, privacy have disappeared. It wasn't big before, but at least it was there.

My summary last year was: Expect data-stealing malware attacks against all devices.

Since no groundbreaking threats are seen, my summary this year is: Expect attacks against Internet-facing (cyber) systems. The attackers are more likely to go after valuable information, not just raw data.

 This year I also tried another approach. I created a separate word-cloud from only the topics of security threats found from the predictions:

2015 security threats - topics only












Interestingly, from that picture, Internet of Things pops out. However, since the vendors often like to play with words when thinking of topic names and headlines, I find the full-text word cloud more interesting. Can't deny the security threat of IoT, though.

Feel free to make you own interpretations or - god forbid - read the individual predictions. You may also check this good summary of the 15 security predictions for 2015.

To me personally, the most useful security predictions document is Information Security Forum's (ISF) Threat Horizon report. It's freely available only to members and for others it's a bit expensive. However, a year old The Executive Summary of Threat Horizon 2016 is downloadable for free (requires registration). A new Threat Horizon 2017 should be out for members pretty soon now.

The Executive Summary of Threat Horizon 2016 shows this threat development according to global member organizations of the ISF:














Check also my word-clouds from previous years. Word-cloud of 2014 security predictions and Mother of all 2013 security predictions.

Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)