Now more than ever, IT security and cybersecurity is extremely important for any business. While the threat of data breaches has been prevalent for quite some time, scammers, hackers, and other threats to your data have amplified. Unfortunately, these threats are showing no signs of stopping and are constantly thinking of new strategies to increase their reach through hacking into business confidential data and other private information. In this post, we're going to give you a background on the history of IT security, followed by the future of cybersecurity and the increasing threat of cyber attacks on our businesses and organizations.
A Brief History of IT Security
In 1986, the Computer Fraud and Abuse Act was established over the growing concern that computer-related crimes were going unpunished. The law prohibited accessing a computer without authorization, or in excess of authorization. Since 1986, the law has been updated six times to add necessary amendments as computers and technology grew more advanced. In 1988, the Morris Worm was one of the first computer worms distributed through the internet. The worm gained mainstream media attention and the accidental creator of the worm, Robert Tappen Morris, became the first convicted felon under the Computer Fraud and Abuse Act. He was sentenced to three years probation, 400 hours community service and fined over $10,000. The U.S. Government Accountability Office estimated the cost of damage from the worm to be anywhere from $100,000 to $10,000,000.
In 1996, the Health Insurance Portability and Accountability Act (HIPAA) was introduced, which defined security safeguards for electronic protected health information. Three years later, the Gramm-Leach-Bliley Act created more guidelines for financial institutions for written security plans for protecting clients' information. In 2002, the Federal Information Security Modernization Act (FISMA) was enacted, which required all U.S. federal agencies to develop, document, and implement an information security program. That same year, California became the first state to make it necessary for companies to notify their clients in the event of a data breach.
The Future of Cyber Security
Since then, additional laws and guidelines have been put in place to secure the safety of online information. However, hackers are also becoming more sophisticated, resulting in an increase in successful attacks. In fact, according to Quartz, this past decade has nine of the 10 largest data breaches, seven of which occurred in the past five years. Regarding the size of these attacks, all of the 10 largest had over 100 million accounts hacked, with the 2013 Yahoo incident taking the top spot with three billion accounts hacked. So, what exactly is the motive behind these attacks?
In a Forbes article, Gil Shwed, the founder and CEP of Check Point Software Technologies Ltd, outlines the type of attacks and where they originate. First, there are nation sponsored organizations that develop cyber-attack technologies for both defensive and offensive initiatives. Next, there are financially driven groups who will continue to look for ways in which they can monetize their attacks. Third, hacktivists (such as the infamous Anonymous) will continue to use cyber attacks to distribute their message, and terrorist groups will also shift into the field of cyberspace to weaken those who oppose them and to strengthen their message. Last, Shwed describes the final category as people without a motive, but who simply "demonstrate their technical skills."
Without a doubt, one of the more alarming characteristics of cyber attacks is there are so many different perpetrators, which makes it hard to prepare for each one. On top of that, technologies are continuing to become more advanced and the digital age is showing no signs of stopping, meaning that our lives will continue to become more integrated with these technologies. The takeaway here: there is more data out there online than ever before, and the amount will only increase. To handle all of this data, Shwed offers that we "need to interconnect our defense systems to be able to act in real time." In addition to this, we must continue to implement artificial intelligence in our online security, due to the fact that a human analyst will be unable to handle all for the information. Artificial intelligence will be able to help make fast and efficient decisions in the event of an attack.
It's also important that we continue to train and encourage cybersecurity experts for the next generation. Countries and states will be forced to play bigger parts in protecting their infrastructure as well. And it may be important that they provide intelligence to the public, as transparency between these two bodies is crucial going forward regarding security. Large corporations pand their IT security to ensure that their data remains safe. Not only on their servers, but on their personal computers and mobile devices.