Security trends for 2015

By Simon Campbell-Young for Phoenix Distribution
Johannesburg, 18 Feb 2015

Last year saw a seamlessly never-ending flow of cyber attacks and data breaches, affecting companies of all sizes and across a variety of industries, from retailers and banks to government sites. Simon Campbell-Young, CEO of Phoenix Distribution, says 2015 can expect more of the same, with the sophistication and severity of cyber attacks growing over the coming year.

He sees several trends coming to the fore this year. "There aren't a great deal of threats that are totally new, but they will definitely be fine-tuned and likely to get more complex and dangerous."

The Web has become the de facto platform for activists, terrorists, criminals and the dark underworld in general to achieve their nefarious ends; be it making money, disrupting governments or stealing corporate secrets. This year, he says, we will see cyber criminals collaborating with each other more and more, as well as an increase in their technical competency.

"The tools and tricks they use are amazingly innovative and effective. This will only get more so in months to come. My advice to businesses would be to expect the unexpected and prepare for the worst. Ensure that you are resilient and able to weather a high-impact breach or security event," Campbell-Young points out.

"The growth in cyber crime, rise in hacking for causes or hacktivism, and increasing pressure to have solid governance and compliance in place, combined with the under spending on security and technological genius of threat actors is creating a difficult situation for businesses. Those companies who are focusing on what needs protecting the most will be the best placed to weather a serious breach."

See also

Managing mobility

How the omnichannel takes 'location, location, location' to new levels

He says the vast majority of governments have regulations in place to safeguard their citizens' personal information from corporate negligence or carelessness, and have staunch penalties in place for those companies who let their customers' data fall into the wrong hands. "I only see regulation tightening this year, due to the slew of breaches we saw in the past year. There will be tightening controls governing how information is collected, stored and used, and more and more severe penalties imposed."

Another area that will see security efforts focusing on, is the supply chain, he says. "While supply chains and third-party partners are crucial to almost every type of business, companies are becoming aware that they pose a number of serious risks. A lot of confidential and valuable data is shared with partners, and as soon as that information is shared, total control over it is lost."

"This in turn can lead to its integrity being compromised," he says. "I predict third-party providers will be in the security spotlight in 2015, and will be used increasingly as an attack vector, particularly when it comes to the more advanced and targeted attacks out there."

Businesses of all sizes will be forced to think about the ramifications of their third party partners and suppliers accidentally letting their sensitive data fall into the wrong hands. "We recommend working closely with these partners and ensuring security measures and due diligence is in place, and always enforce the principle of least privilege. A well-structured supply chain information risk assessment approach can give the business a comprehensive, easy to follow approach to minimising risk and limit in fallout in the event of an incident."

Another trend that was under the spotlight in 2014 and is here to say, is BYO, says Campbell-Young. "BYO - whether device, application, wearable - is here to stay, and while many business have BYO policies in place, those who don't will need to develop these guidelines as soon as possible."

More and more employees are flooding the enterprise with a wave of devices, cloud-based storage, wearables and applications, and this is only going to increase, he says. "As personal devices and suchlike enter the enterprise, so does the attack surface increase, and risks from personal devices being exploited continue to grow. These risks aren't only from outside attackers either. In fact mismanagement of the device itself, as well as loss resulting from carelessness, accounts for many major risks to the organisation, not only the exploitation of software vulnerabilities and the deployment of poorly tested, malicious or unreliable business applications."

The final security trend that Campbell-Young has identified for 2015, is the old insider scourge. "Companies around the world spend many billions of rands on security measures and protocols, yet do not focus enough on protecting them from the potential dangers within the organisation. An organisation's greatest asset is its people, and there will be more focus on spending on awareness, and education. Employees will always be an unknown quantity. When it comes to security, they are unpredictable, and businesses must embed information security behaviours at every level of the business."

Phoenix Distribution

Phoenix Distribution is currently the leading value-added distributor of software, accessories and peripherals across the African continent, covering software publishing, localisation and product distribution across multiple territories in multiple languages.

The business is segmented into two divisions, namely corporate software licensing and retail product distribution, and Phoenix Distribution dominates the consumer and SMB security sectors through key brands which include: Norton/Symantec, AVG, Kaspersky and Bitdefender. Additional brands within the consumer-focused range include, Microsoft software and peripherals, Beats by Dr Dre, Trendnet Wireless products, Monster Cables and mobile accessories.

The corporate licensing division sells volume licensing into the enterprise and SMB reseller environments, as well as covering architecture and implementation. The ESD division delivers download content into all channels, including B2B and B2C.

The retail division delivers physical product into the retail environment, covering all mainstream ICT, CES, telco, lifestyle, fashion and sports outlets, as well as independents and online stores. This division delivers direct to outlets and or customers across sub-Saharan Africa.

Phoenix Distribution is growing at 70% per annum, with additional acceleration coming from development within the greater African marketplace, as well as the acquisition of significant high-end product lines within the enterprise arena. In addition, the company's UK business, PX Security, is firmly entrenched within the UK retail and SMB reseller environments, shipping product through trusted distribution partners into mainstream retail outlets and direct engagement with B2B resellers. The UK operation publishes and distributes Bitdefender, Webroot and Avast.

Additional bespoke services offered to partners include Electronic Software Distribution within the B2B and B2C environments, category management, training and end-to-end merchandising.

Phoenix Distribution, including the UK subsidiary PX Security, was recently acquired by First Technology Holdings.

For more information, visit www.phoenixsoftware.co.za, www.pxsecurity.co.uk and www.pxsoftware.co.za.

For purchasing information in Africa, visit www.kasperskyafrica.com, www.kasperskyangola.com, www.kasperskybotswana.com, www.kasperskymozambique.com, www.kasperskynamibia.com, www.kasperskysouthafrica.com, www.kasperskydrcongo.com,

www.kasperskyzimbabwe.com, www.kasperskyzambia.com, www.antivirusangola.com, www.antivirusbotswana.com, www.antivirusmozambique.com, www.antivirusnamibia.com, www.antivirussouthafrica.com, www.antivirusdrcongo.com, www.antiviruszimbabwe.com, and www.antiviruszambia.com

Editorial contacts