Earlier this year I surveyed some authors about what they considered their top 5 information security issues. While there were some surprises, such as supply chains, there was more consensus. Among the top issues are cloud security, malware and advance persistent threats, smart phones and other mobile devises, social media in the workplace, data loss, and critical infrastructure protection and cyberwarfare. As I said, no surprises.
Lately, though, we’ve been reading and hearing in the consumer press about malware, cyberwarfare, tons of data loss, and security and privacy problems with social media as well as more invasive and insidious tracking. So, there’s increasing awareness of these threats by the general population, or should be, and convergence between what they and people working in information security consider risky. Maybe.
There’s a lot of distance between being aware of something and doing something about it. People are still flocking to smart phones and social networking, sharing far too much data and information, and leaving themselves at risk to threats they really don’t appreciate. Ignorance is bliss until calamity strikes, and it will.