Mobile and Cloud Computing Face Emerging Threats

 
 
By Karen A. Frenkel  |  Posted 12-10-2013 Email Print this article Print
 
 
 
 
 
 
 
 

At last month's annual Georgia Tech Cyber Security Summit, security experts from academia, private industry and government gathered to discuss new technologies and strategies to ward off sophisticated cyber-attacks. The resulting report, "Emerging Cyber Threats," discusses emerging threats, their potential impact and countermeasures. The report notes that organizations face a dilemma: they must protect information from data-stealing malware while allowing employees to efficiently access data in order to do their jobs. "With recent revelations of data collection by the federal government, we will continue to see a focus on cloud security," says Wenke Lee, director of Georgia Tech's information security Center. "But encryption in the cloud often impacts data accessibility and processing speed. So we are likely to see increased debate about the tradeoffs between security, functionality and efficiency." The report addresses losing control of cloud data, insecure connected devices, how hackers are adapting to mobile, the high cost of defending against cyber-attacks, the rise in cyber-security insurance purchases, and information manipulation advances. Below are highlights of the mobility and cyber insurance sections. To view the full report, click here.

 
 
 
  • Attackers are Adapting to Mobile Ecosystems

    Mobile devices can be thought of as sensors that enable new threats, like malicious software, and offer unparalleled glimpses into people's lives.
    Attackers are Adapting to Mobile Ecosystems
  • Protect the Data

    Employee-owned devices make platform-specific security challenging, so focusing on protecting data may be more effective than securing the devices, according to the Georgia Tech report.
    Protect the Data
  • Technology Outruns the Law

    U.S. courts have not arrived at a consensus on government access to data. The implications of tracking ubiquitous mobile devices are not well understood.
    Technology Outruns the Law
  • Employee-Owned Devices Change the Security Model

    The BYOD trend means insecure network devices and data stored on personal devices. Securing employee-owned devices is difficult, so malware can use smartphones and tablets as launch pads for attacks into corporate networks.
    Employee-Owned Devices Change the Security Model
  • Corporate Data At Risk

    Because employees are using their mobile devices for work, corporate data gets stored in these relatively insecure environments, enabling intellectual property to be stolen.
    Corporate Data At Risk
  • Locking Down or Locking Out Mobile Devices

    Because of its alluring productivity gains and cost savings, BYOD is not going away, so companies will have to bar untrusted devices from accessing sections of their networks.
    Locking Down or Locking Out Mobile Devices
  • OS Vendors Play Defense

    Google has added a permission-based security model, security controls, the ability to revoke applications, and an automated system to vet applications for Google Play. From the start, Apple went further by tightly controlling certain system functions and checking applications for potential malicious behavior.
    OS Vendors Play Defense
  • But Attackers Circumvent Gated Communities Anyway

    Last August, Georgia Tech researchers showed that the App Store review process cannot prevent the introduction of malicious apps.
    But Attackers Circumvent Gated Communities Anyway
  • Legal Use of Data More Threatening Than Attacks

    Although malware and hacks are significant threats to mobile device users, the Georgia Tech report says the legal use of data collected from smartphones and tablets is a far more pervasive threat.
    Legal Use of Data More Threatening Than Attacks
  • U.S. Courts Unclear Regarding Warrants

    Wireless carriers, manufacturers and application developers can collect user data, but it is not clear whether law enforcement can request this information without a warrant.
    U.S. Courts Unclear Regarding Warrants
  • Can Cyber Insurance Reduce Risks?

    In 2012, the number of companies buying cyber insurance policies increased by a third compared to the previous year, according to Marsh, an insurance broker.
    Can Cyber Insurance Reduce Risks?
  • Confusion Over Coverage

    It is not always clear, however, what cyber insurance does and does not cover. Experts are working with insurance companies to set industry standards.
    Confusion Over Coverage
 
 
 
 
 
Karen A. Frenkel writes about technology and science, innovation, and entrepreneurs and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...