TÜV Rheinland and OpenSky Corporation Announce International Perspective on Cyber Security in 2015

Share Article

This outlook is the result of a review of current market trends from the perspective of leading security analysts and consultants at TÜV Rheinland, OpenSky, and OpenSky UK.

TÜV Rheinland and its subsidiary OpenSky Corporation have released their predictions for the major cyber security trends of 2015.

“The continued proliferation of sophisticated cyber attacks at every level of the supply chain is of major international concern,” said Olaf Siemens, Global Vice President of Information Security at TÜV Rheinland. At the same time, consumers are rapidly increasing opportunities for attack with demand for connection to the Internet of Things.” These are just a few examples of trends that underlie the global security landscape and will drive consumer and business decisions in 2015.

1.    Compliance: Pressure on Businesses is Mounting. IT security budgets will increase and so will the costs of data breaches, fines and lawsuits for violations of data protection. Against this backdrop, and the increasing risk of becoming a victim of a cyber attack (see also APT), companies will have to invest in information security governance systems that are effective and geared toward the risk and also adapt their processes and tools accordingly. More often, emergency management systems will be converted into business continuity management systems. Mobile platforms such as phones and tablets will raise security and privacy issues more often in the future, partially because of how they are designed, and partly because people are accustomed to managing their lives on the go.

“These trends mean that our clients, both in the US and internationally, will be pressured with stricter compliance requirements and could face increased consumer backlash in the event of a breach,” said Roger Levasseur, President and CEO of OpenSky. Consumers are frequently willing to use social media to vent their frustration over compromised data and are making leaks increasingly public.”

2.    Advanced Persistent Threat (APTs): More Businesses Calling on Outside Specialists. Organizations cannot successfully fend off targeted, sophisticated attacks using conventional tools and methods. Many organizations are compromised without even knowing it. That is why companies are increasingly calling on outside specialists to use cutting-edge technologies and up-to-date expertise to recognize APTs and mitigate their impact as quickly as possible.

“2014 ended in a bang with the cyber attack against Sony. The scale of the hack resulted in major damage to the company’s brand, reputation and intellectual property in a way that should shake many,” said Nigel Stanley Practice Director for Cyber Security, Risk and Compliance at OpenSky UK. “We are now in the age of response and cannot guarantee keeping the bad guys out. If nothing else, focus and effort needs to be directed towards building and exercising a data breach response plan in 2015.”

TÜV Rheinland and OpenSky expect that a security incident response team (SIRT) will be in higher demand in 2015 than ever before. That goes not only for small to medium-sized enterprises (SMEs) but also major corporations. Preferred targets include the retail, banking, financial markets and the energy sector; however, attackers will be looking for the weakest link in the chain, chiefly among the smallest suppliers and medium-sized enterprises.

3.    The International Patient: Medical Device Cybersecurity. Once again, the main risks in 2015 include attacks on medical devices. The theft and sale of patients’ sensitive information is driven by insurance fraud, and gaining access to medical care or prescription drugs through stolen identities. In future, the healthcare industry will become more similar to the industrial manufacturing industry by placing as much emphasis on cyber security to protect patients’ sensitive information.

There are extremely loud calls to make medical equipment more secure in the US. In late 2014, the US Food and Drug Administration (FDA) published guidance on medical device security, which will give added momentum to the area of security analyses as well as application security. Service providers like TÜV Rheinland and its US subsidiary, OpenSky, are helping more and more companies to perform security assessments during the medical device software development phase.

4.    The Internet of Things (IoT): A New Dimension in Security Risks. The IoT is painting a clear picture of things to come. Market researchers like Gartner believe that in 2015, we will already be surrounded by 4.9 billion interconnected devices. By 2025, that number is expected to reach as many as 30 billion. The IoT is being driven by trends that include the optimization of existing business models, such as marketing, via geolocation services, smart homes, connected cars, and Germany’s Industry 4.0 project.

5.    Industry 4.0: Security Enforcement Is Not Optional IT solutions for remote maintenance of facilities and equipment, smart production plants and autonomous processes, even closer linking of administrative and production-related systems, high-tech automated solutions – the need for people inside production facilities is going to dwindle more and more. Machines and workpieces will soon be making many decisions themselves by exchanging data. With respect to the level of automation, Germany is already number one in Europe and number three in the world. Developments in innovation readiness for Industry 4.0 are being clearly driven by Germany’s automobile industry.

6.    Connected Cars: Connectivity more crucial than horsepower. Real-time maintenance information, location-based recommendations, up-to-the-minute traffic advisories, and music streaming – in 2015 connected car features will become the main selling points for buyers. According to a recent study by McKinsey, a vehicle’s connectivity is becoming more important than its performance. By the year 2020, the global market for connected car components and services will grow more than fivefold, from 30 billion euros today to 170 billion euros then.

Cars will serve as intelligent control centers for monitoring traffic conditions, weather, hazards, and infotainment. All the data collected can be analyzed and cars will effectively be turned into data harvesters. Yet, key questions concerning data protection remain unanswered. For instance, to whom does the data belong? The owner of the vehicle, the government, or the manufacturer who collects the data? There is talk of a voluntary commitment by manufacturers, but considering the overarching importance of privacy and data protection on the one hand and the safety of people and road traffic on the other, action is required on the part of legislators.

7.    The Cloud: Expansion of Public and Private Today, users want round-the-clock access to their data. The Cloud is not only a key pillar of ubiquitous computing, but also of the IoT, new forms of collaboration, Industry 4.0, technological advancements in medicine, Big Data, and for processing huge amounts of data. In a nutshell: The trend toward cloud computing is irreversible. Simply because of its purported indispensability, discussion about its security will continue. Cloud service providers will increasingly have to face the question of how resilient their own cloud-based security architectures actually are against cyberattacks.

The cloud promises innovation and progress, but the two are possible only with the trust of cloud users. However, trust can only grow when solutions are secure. In 2015, the debate over cloud security will mature. Users will learn to tell more precisely what services the public cloud can be used for and what guides the market offers to the security of cloud-based services (certificates). Besides the ever growing market for public cloud computing, private clouds are also on the rise since companies are realizing that they need to migrate in business-critical areas in order to protect their digital crown jewels.

Detailed information on cyber security trends in 2015 and their place in the overall context can be found at http://www.tuv.com/press.

About OpenSky Corporation

OpenSky Corporation is part of the TÜV Rheinland group. OpenSky provides information technology expertise to help corporations optimize IT platforms, protect information assets and accelerate the adoption of strategic technologies. It specializes in transformational IT infrastructure, security and compliance consulting. TÜV Rheinland is a $2B global leader in independent testing, inspection, certification, and consulting services.
For more information about OpenSky, please visit http://www.openskycorp.com.

About TÜV Rheinland

Founded in 1872, TÜV Rheinland is a global leader in independent testing, inspection, and certification services, ensuring quality, efficiency and safety for people, the environment and technology in nearly all aspects of life. The company maintains presence in 66 countries, employs 18,000 people and has an annual revenue of more than $2.2 billion (€1.6 billion). TÜV Rheinland inspects technical equipment, products and services, oversees projects and helps to shape processes for a wide variety of companies through its worldwide network of approved labs, testing facilities and education centers. Since 2006, the company has been a member of the United Nations Global Compact to promote sustainability and combat corruption. For more information, visit http://www.tuv.com/us.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Michelle White

Hope Mascott
OpenSky Corporation
(978) 266-9500
Follow >
Visit website