Cybersecurity to get more complicated in 2014: ISACA

Cybersecurity is set to get a lot more complicated in 2014, a global IT association has warned all businesses - big or small, asking them to brace up.

IT and cybersecurity professionals should resolve now to gear up for accelerated change and complexity in 2014, especially in cybersecurity, data privacy and big data, according to non-profit ISACA, to ring in the New Year securely.

"The pace of change expected in 2014 will put incredible pressure on technology professionals in the workplace with a focus on keeping IT risk in check while at the same time delivering value to the business," said Bhavesh Bhagat, CEO of EnCrisp, co-founder of Confident Governance and member of ISACA's new emerging business and technology committee.

ISACA, that provides guidance to help business and IT leaders maximise value and manage risk related to information and technology, has predicted on certain areas businesses should be preparing for in 2014.

It has asked businesses to prepare for privacy 2.0 as attitudes towards data privacy are unlikely to reach a consensus in 2014. Instead, be prepared to accommodate both those with little expectation of privacy and those who view their personal data as currency and want to control how that currency is spent, it said.

Slim down big data: Explosive data volumes were the No. 1 issue posed by big data in ISACA's 2013 IT Risk/Reward Barometer. Unmanageable data creates redundancies and is difficult to secure, it said.

ISACA has also asked businesses to eliminate the excess data and consolidate what remains, to promote sharing and protect using better controls.

Plan to compete for cybersecurity and data analytics experts: The need for smart analytics people and cybersecurity defenders with the right certifications is only going to grow in 2014.

It said businesses that plan on hiring during the new year need to make sure their compensation package and job descriptions are competitive.

Rethink how your enterprise is using your information security experts: With some elements of IT security operational responsibility (including malware detection, event analysis and control operation) increasingly being outsourced to cloud providers, smart leaders are enabling their internal security experts to become hunters instead of just defenders.

This allows them to proactively seek out the most hard- to-detect threats, build internal intelligence capabilities, construct better metrics and invest in operational risk analysis.

Ramp up for the Internet of (even more) Things: With past research showing 50 billion devices expected to be connected to the Internet by 2020, start working now on a policy governing connected devices, if your enterprise does not have one now, it said.