Access your Pro+ Content below.
Information Security 2014: Shifts ahead after a watershed year
This article is part of the Information Security issue of December 2014 Volume 16 / No. 10
As another year ends, we look back to try to figure out what we can take away from the security blunders and breakthroughs in 2014. It was a year of ongoing mass surveillance and game-changing data breaches. Was a tipping point finally reached? In a perfect storm of hemorrhaging credit card info, one retailer after another in 2014 had their point-of-sale (PoS) systems fleeced by way of sloppy defenses and rampant malware. Target Corp., as patient zero, replaced all its card-swipe machines with chip-and-PIN equipment while, at Black Hat in early August, Ross Anderson (once again) reminded us that chip-and-PIN is broken several times over and in ways that he was happy to show proof-of-concept videos to illustrate. Vendors talked about "advanced threats" as if the phrase meant something when it came to security product selection. The old C-language program code that keeps the Internet ticking broke down in frighteningly low-tech ways and no one noticed. To borrow a phrase from Dickens: Overall, 2014 represented the worst of times ...
Access this PRO+ Content for Free!
Features in this issue
This year’s honorees have worked to move InfoSec forward with contributions in secure information sharing, cybersecurity science, community building and incident response.
The virtualization security tools available to enterprise teams have improved, but is anybody using them?
Editorial Director Robert Richardson looks at the year in review and offers his take on the security blunders and breakthroughs and some lessons learned.
Keeping up to speed on new adversaries may require a change in tactics.
Columns in this issue
Check out this year's esteemed group, whom we are pleased to add to a noteworthy mix of past honorees, as we mark the 10th year of the Security 7 awards.
Incident response planning will define a CISO's -- and the company's -- survival after a breach, says legal counsel and CSO Chris Pierson.