What are the trends in the field of information security and information security are the closest the Ukraine?

Protection from hackers and industrial spies always been one of the most important aspects in any company. And let the information security can be perceived as a technical challenge in itself, but the reality is the foundation of the business, because under the threat may prove competitive position and the financial health of any company. With the development of information technology are increasing threats to the corporate infrastructure. If earlier (and now too) folder labeled "Case" it was quite difficult to steal, today the entire accounting can easily fit on a thumb drive. Why Ukrainian leaders need to know the list of the most important trends in the field of information security.

Industrial espionage

Today, industrial espionage has become so routine that soon all will stop paying attention to it. According to researches of the Ukrainian market, 65% of companies experienced data leakage and industrial espionage in one form or another. But each such leaks can cost a lot of money.

The main targets of industrial espionage are not acting industrial enterprises, as it might seem at first glance, and the organization of the financial sector, commercial enterprises and IT-companies. The share of the services sector is growing at a record themes: 3 years ago only banks can "boast" such unwanted attention. Spies are interested in almost all business plans, financial statements, even recording planёrok and meetings.

Information often leaks through electronic channels, so most companies just try to control all communication channels: email, Skype, ICQ, social network. In this case, perfectly proved themselves tools like DLP-system.

It is worth noting an important point. The introduction of DLP when it is obvious that someone merges information - inefficient. Security staff needs time to collect the base of suspicious activity. Therefore, set the DLP-system needs to be as soon as the financial opportunities allow, rather than waiting until the insider sell your information to competitors.

Postavnaya base stations and wiretapping

Currently, the smart phone has become an integral part of our lives. In it - all. Our contacts, communications, personal information, everything that wants to take over the attacker. Protection of mobile devices has become urgent as ever. For now, having spent a few hundred dollars on e-bay, you can get a portable station for interception of mobile communications and negotiations.

Our smartphone is always looking for the strongest signal, and this vulnerability became the basis for the creation of false base stations. The false base station the size of a small suitcase can operate at distances up to 500 meters. Catching it on the signal, the phone is connected to it, and further traffic goes through it to this station. You can not notice that you are listening, because the signal is redirected to the real station and the conversation takes place in the normal mode. Needless to say, what would happen if an attacker, for example, will receive the codes of your transactions.

Wiretapping can be carried out also by malware. It is necessary to carefully control which of your installed programs you have access to a video camera and microphone, and if you trust the manufacturer. Given that, according to research by SearchInform, more than 70% of Ukrainians use personal smartphones for work purposes, you can imagine the true extent of the problem.

Fight with all of this is difficult, but possible. For example, there are special security applications for smartphones that can be implemented at the level of corporate security policy. If some of the applications does what should not be done, the program will block his quarterback. From listening to the conversation from the base station application is protected by other means. The application scans, to which station you are connected, check its position and brings in the base. If suddenly your phone connects to the same station in another place, he informs that the conversation can be heard.

Secure Cloud Services

The climax of sync all your devices can be called cloud storage. Access to their documents from anywhere in the world where there is a wireless connection. Even 10 years ago it was something of a kind of fiction, but today we do not pay attention to it.

For any cloud service to protect client information - a question of paramount importance. But despite this, many managers still look warily on their use. This is understandable, because no one wants to have their information kept by third parties. In addition, it is not clear who owns the data - you, or the company ISP. Is it possible that one day the provider you refuse access to them? Fuel to the fire and adds another story to merge into a network of personal photos of celebrities, and raises questions about the safety of their data in the cloud. Providers argue that today they are confident in their protection against attacks from the outside, but what if the insider is among the company's employees?

According SearchInform, about 60% of Ukrainian companies use various cloud solutions, but only 5% use internal private clouds.

The only solution for the safe operation of cloud services will encrypt the data before sending them to the cloud. Encryption keys are stored only at you, so even if an attacker and get access to the files, extract data from it he did not succeed.

What's next?

It is assumed that the costs of protection will increase. Last year, the information security market has grown by 25% and the amount of money it reaches $ 1.399 billion per year. Widespread mobile technology, applications and devices means that more people have remote access to corporate systems and services and, therefore, weaknesses in the system of protection, has increased.

I do not think that this is a problem only of large companies. According to statistics, out of all the companies who have been targeted attacks, 31% were with fewer than 250 employees.

In general, the industry is waiting for a full transition from concrete solutions to complex systems that will soon cover several tasks simultaneously: network gadgets and clouds. And despite the increase in the number of IT threats, develop defenses against them will reduce the number of incidents in the area of ​​information security.