2015 was very much the year when the media woke up to the potential damage that data theft can bring for consumers and businesses.
The most covered hack was the Ashley Madison hack, where 32 million users had their details stolen. This was more than simply their credit card numbers and addresses, as it included extremely personal aspects such as fetishes and what they were looking for in a partner. When the hacker's demands were not met and the information was made public, the damage went far beyond financial loss - there have been reports of divorces, loss of reputations and at least two reports of suicides.
Ashley Madison may have been the most high profile leak, but the larger and potentially more serious hacks at Anthem saw 80 million people having their records stolen from the medical insurer. Although the number of people affected was astronomical, arguably the most serious was Carphone Warehouse, where 2.7 million customer had their personal details and credit card information leaked.
These kinds of hacks are not only happening at irresponsible companies. The Office Of Personnel Management had a significant breach, and according to Reuters - 'said data stolen from its computer networks included Social Security numbers and other sensitive information on 21.5 million people who have undergone background checks for security clearances.' This is perhaps some of the most personal and important data that can be stolen, potentially leaking the (remove) information of some of the most important and powerful people in the US.
Hacks and data breaches like this are increasing in number and severity, meaning that companies, governments and even individuals are having to assess their protection policies and what can be done to decrease the chance of them losing even more data. With this increase in serious data breaches, the media have also had their interest piqued, creating more awareness of the issues to a wider audience.
This awareness in the media has then led to action by companies to protect their data and hence the data protection industry has grown exponentially. Future growth is going to be considerable too, with Markets and Markets predicting that the cyber security industry is estimated to grow to $170 billion by 2020, at an annual rate of 9.8% between 2015 and 2020.
The changes have started already, with IDC claiming that the biggest growth areas have been security analytics and threat intelligence at 10% increases, mobile security at an 18% increase and cloud security seeing a huge 50% increase in investments in the past 12 months. These figures are indicative of the issues that are currently facing data holders and the areas in which weaknesses occur.
However, this growth alone may not be enough to improve the data security industry according to Amit Yoran, President of RSA, who believes that information security today is 'fundamentally broken.’ As the current President of RSA and former Cyber-Security Director at the US Department of Homeland Security, his words certainly carry some weight. In fact he is damning of the industry as a whole, the leaders of which he claims are 'sailing on the same maps even though the terrain has changed' whilst RSA have, he says, 'sailed off the map.’
Therefore, despite the predicted growth, the industry needs a complete overhaul. With the amount of hacks taking place despite multi-million dollar security software, improving the data breach epidemic will fall at the feet of the data security industry.