“Our goal of ‘Security made simple’ can only be fully realized when every interaction Sophos has with customers and partners exceeds their expectations,” said Kris Hagerman, chief executive officer of Sophos. “Mary has an extraordinary track record in building dynamic and high-impact customer care and customer support organizations, and we are thrilled to welcome Mary to our management team.”

With Sophos Winfield will promote and lead a world-class customer support organization that leverages the latest technologies, methodologies and engagement channels to deliver the highest levels of customer satisfaction. Sophos already has one of the industry’s highest reputations for support quality and customer satisfaction. Winfield’s mission will be to enhance that reputation even further; her organization will serve as the focal point for the “voice of the customer” within Sophos and advocate for customers’ needs across all facets of the business.

Mary Winfield said, “I am excited to join the Sophos team. I believe the company is executing a winning strategy, with winning products and a commitment to customer excellence that sets the standard for the security industry. I look forward to helping the company make the most of every engagement with customers in our quest to make security simple“.

Easy to deploy and simple to manage, Sophos Cloud gives Sophos partners and IT managers at enterprises of all sizes the ability to manage and maintain endpoint security to protect all users, regardless of physical location, via the cloud-based service. The launch of Sophos Cloud is the first step in the company’s aggressive strategy of cloud-enabling its entire portfolio. In addition, Sophos will continue to innovate and extend its ‘on-prem’ security software, providing IT professionals choice in how to best manage IT security in their environment.

Kris Hagerman, chief executive officer for Sophos, said, “Sophos Cloud is the answer to the constant struggle IT teams face in protecting and securing their enterprises. These IT teams may be as small as a single person, but the constant threats and challenges they face could overwhelm an army. To come to their rescue, we’re thrilled to deliver Sophos Cloud – it will be one of our key strategic priorities as we execute on our vision of being the best in the world at delivering complete and powerful IT security to small and mid-market enterprises and organizations of any size looking to simplify their IT security operations“.

With the management console hosted by Sophos Cloud, there is no server set up and service can be deployed instantly, providing complete security coverage everywhere – simply. Sophos Cloud delivers all the essential endpoint protection a company needs without any of the complexity traditionally associated with security management. The service is also consistent with Sophos’ ongoing focus and commitment to be a “Channel First” company.

“The ability to administer our security with Sophos Cloud allows us to better manage our resources and enables us to effectively utilize our time and money. The service was easy for us to implement, and it seamlessly integrated into our environment,” said David Fox, IT Consultant, Neptune Terminals.

“Small and medium businesses are especially challenged regarding IT security. They are targets and must meet security best practices yet are resource constrained,” said Charles Kolodgy, Research Vice President for IDC.

“Sophos Cloud is a welcome addition. Its features can remove some of the complexity tied to security management thus allowing small and mid-market businesses to improve security without taxing their resources”. “As an organization that specializes in IT security and services, M3Corp has had a valuable partnership with Sophos for more than 4 years. Sophos Cloud will help us extend that partnership to quickly deliver cloud security that is easy to deploy and manage, while providing the most efficient and economical security solution to all of our customers throughout Brazil. M3Corp’s partnership with Sophos ensures that our customers will be fully protected from all types of threats,” states Antonio Mocelim, Sales Director, M3Corp.

Availability
Sophos Cloud is currently available. Online 30-day trials are available by visiting: www.sophos.com/cloud

This list was conceived to put a spotlight on the professionals driving one of the most important customer segments in the industry today. These executives were nominated by peers, colleagues, customers and partners because of the strong relationships they have built with midmarket customers, for their leadership, strategic thinking and solution excellence they demonstrate. Valentine was also named a “top disrupter,” a listing of the 25 executives who shook up the IT industry this year.

Kris Hagerman, chief executive officer for Sophos, said, “Mike has been with Sophos for less than a year, but he’s already making an enormous impact. As the architect and driver of our “Channel First” sales strategy, Mike has enabled Sophos to make major strides to work better and more closely with the channel than ever before. Mike is well-known by the channel as a great leader, recruiter and winner. We’re thrilled to have Mike at Sophos leading our global sales team, and this validation from CRN and our partners provides added evidence that we’ve become the leading choice for delivering complete IT security without complexity.”

Commentary from the Sophos Channel
“Our partnership with Sophos allows us to provide comprehensive security solutions for clients, datacenters, and the cloud. We are excited about the leadership and direction Mike brings to Sophos,” said Stephen Perciballi, Security Category Leader, Datacenter Group, Softchoice.

“Sophos’ commitment to the channel is impressive. It has an outstanding partner program and excellent IT security value proposition with award-winning security solutions that are simple to implement and simple to use. Combined with its determination to help partners like us grow our business, Sophos is delivering on his channel first promise,” said Jez Turner, Sales Director, Foursys. Foursys is a specialist in IT security solutions, with over 16 years’ experience and more than 900 customers in the UK.

At RSA, Schiappa managed a business unit with annual revenue over $500M, and he had responsibility for engineering, product management, product marketing, an anti-fraud command center, and data center operations. At Sophos he will have full product responsibility for the company’s broad portfolio of end user security offerings, including endpoint, mobile, server protection, and encryption and data protection products.

Kris Hagerman, chief executive officer for Sophos, said, “I’m pleased to welcome Dan to Sophos. He has deep experience in the IT security landscape, and his background, drive and passion make him the perfect fit to accelerate our end user security strategy of delivering world-class on-premise and cloud-managed security solutions to protect our customers across their broad diversity of endpoints. We continue to add some of the brightest minds to Sophos as we look to become the world leader in delivering complete security without complexity for organizations around the world.”

Prior to EMC, Schiappa was at Microsoft, where he held several GM positions, including Windows security, Microsoft Passport/Live ID, and the company’s online display advertising platform. He also led strategy and corporate development for the Entertainment and Devices division.  As head of Microsoft’s security division, Dan led a 400-person product team responsible for developing the security infrastructure for Windows Vista/7 and Windows Server operating systems.  Also during his tenure, he was the key business leader for Microsoft’s BitLocker and Rights Management services.  Prior to Microsoft, Dan was the CEO of Vingage Corporation, a video server startup acquired by L3 Mobilevision, and was an executive at PictureVision, an online digital imaging startup acquired by Kodak.  Dan also held key technical roles at Informix Software and Oracle Corporation.

Schiappa said, “Sophos is poised to lead the charge for a more effective and simpler approach to securing users and data. The cloud will enable IT professionals and our partners to accelerate security deployment and simplify management in an ever changing landscape of malware, targeted attacks, and other security threats. And the continued innovations in end user and data protection will better safeguard enterprises of all sizes, whether they choose cloud or more traditional on-premise management.  It’s an exciting time to be at Sophos, and I’m thrilled to be part of the team.”

The firmware can be downloaded now from our Downloads page.

A new program, dubbed PIN Skimmer by its University of Cambridge creators, can correctly guess a high proportion of PINs using the device’s camera and microphone. When selecting from a test set of 50 4-digit PINs, PIN Skimmer correctly infers more than 30% of PINs after 2 attempts, and more than 50% of PINs after 5 attempts on android-powered Nexus S and Galaxy S3 phones. When selecting from a set of 200 8-digit PINs, PIN Skimmer correctly infers about 45% of the PINs after 5 attempts and 60% after 10 attempts. The university team discovered that PIN Skimmer could identify PIN codes entered on number-only softpads by using the camera on the device to monitor the user’s eye movements as they enter their code. Also, the microphone could be used to detect “touch events” – the clicking sound made as the user enters their PIN on the touch screen.

The paper, written in order to raise awareness of side-channel attacks on smartphones, took the approach that the device had already been infected with malware that was then attempting to snaffle the PIN. The university team then set out to see how effective an attack could be and, also, how PIN length may affect the likelihood that the code could be correctly guessed. Mimicking a typical piece of malware, stealth was a key feature in the design. The researchers ran image processing algorithms remotely to minimise battery drain, something that could alert the user that an unauthorised program was running.

An API exposed by the Android operating system was used to disable the LED that switches on in some handsets when the camera is in use. Photos and video taken by PIN Skimmer were saved to the phone but the file sizes were limited to 2.5MB to reduce detection. A real piece of malware could likely hide such files from view completely. Likewise, the research team hypothesised that the sending of data back to the remote server could also be hidden from the user.

Additional network charges is another problem connected with transmitting data. Many smartphone users are on tariffs that charge them additional fees should they use more than a pre-determined amount of data within any monthly period. To that end the report suggested that a real-life Trojan would probably report back to its control centre only when it detected a free WiFi connection within range. The researchers discovered that, contrary to what you may have expected, longer PINs were actually easier to crack than shorter ones. This unexpected result was put down to the fact that longer PINs actually gave the program more information to work with which increased its accuracy.

One of the co-authors of the report, Professor Ross Anderson wrote: Our work shows it’s not enough for your electronic wallet software to grab hold of the screen, the accelerometers and the gyro; you’d better lock down the video camera, and the still camera too while you’re at it. (Our attack can use the still camera in burst mode.)

As for mitigating the risks posed by such an attack, Anderson suggested that questions need to be asked as to which resources should remain accessible during PIN entry, though he did note how disabling some functions, i.e. the speakers, could cause extreme problems to the usability of the device: For instance when a call comes in, the user needs to hear the ring tone while unlocking his phone; otherwise he may assume the caller has hung up.

Instead, he suggests that whitelists may be the answer – denying use of all resources during PIN entry, unless explicitly authorised. Another option, according to Anderson, would be a more widespread adoption of biometrics in smartphones but that is not without its own issues.

You can read the original article here.

“This certification is a critical step toward the future development of LogPoint. It will enable us to pursue significant opportunities with government authorities, in the security and intelligence sector as well as with major corporations globally,” says Jesper Zerlang, CEO of LogPoint. “We are extremely excited about the partnership with Boeing that will elevate the LogPoint platform to the Tier 1 in the market and place us among the best enterprise SIEM security solutions”

Boeing will assist LogPoint prepare the SIEM platform for the Common Criteria for Information Technology Security Evaluation, with the goal of obtaining Evaluation Assurance Level 3 certification before mid-2014. This certification is often a requirement for cybersecurity contracts in NATO countries and throughout the world. Obtaining it will make LogPoint the only Danish cybersecurity company to meet the standard – and one of few globally.

“We are experiencing a dramatically increasing demand for improved network security as the number of successful network attacks globally are sadly rising. An effective SIEM-solution is one of the cornerstones of efficient enterprise network security, not only to improve security monitoring and early breach detection, but also to answer an increasing demand for regulatory compliance in many countries around the world”, says Jesper Zerlang.

The LogPoint SIEM-platform are currently deployed with more than 250 organizations in Europe, including large- and midsized enterprises in all industry sectors as well as public authorities ranging from municipalities to government authorities. LogPoint is present with offices in the Scandinavian countries as well as Germany and the UK and are currently expanding to a number of other European markets. LogPoint is partner centric and deploy its solution through a network of certified partners, ISP’s and system integrators throughout Europe.

LogPoint is a European, Copenhagen-based IT security company that delivers IT security SIEM solutions for enterprise networks. The LogPoint technology is an advanced Security Information and Event Management (SIEM) platform that provides real-time monitoring and incident management for security-related events from network, security devices, systems and applications as well as log management, analytics and compliance reporting.

You can read the original article here.

Of 2,000 respondents surveyed globally, 58 percent confirmed that management does not see cyber attacks as a significant risk to their business. Despite this, IT infrastructure and asset security incidences, as well as wider security related disruptions, were found to have cost these SMBs a combined average of $1,608,111 over the past 12 months.

The research, sponsored by Sophos, also identified that the more senior the position of the decision maker in the business, the more uncertainty there was surrounding the seriousness of the potential threat.

“The scale of cyber attack threats is growing every single day,“ said Gerhard Eschelbeck, Chief Technology Officer for Sophos, “yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture.”

According to the research, there are three main challenges preventing the adoption of a strong security posture: failure to prioritize security (44 percent); insufficient budget (42 percent); and a lack of in-house expertise (33 percent). In many SMBs there is also no clear owner responsible for cyber security, which often means it falls into the purview of the CIO.

“Today in SMBs, the CIO is often the “only information officer”, managing multiple and increasingly complex responsibilities within the business,” said Eschelbeck. “However, these “OIOs” can’t do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat.”

The study also reveals uncertainty around whether ‘Bring Your Own Device’ policies (BYOD) and the use of the cloud are likely to contribute to the possibility of cyber attacks. Seventy-seven percent of respondents said the use of cloud applications and IT infrastructure services will increase or stay the same over the next year, yet a quarter of those surveyed indicated they did not know if this was likely to impact security.

Similarly, 69 percent said that mobile access to business critical applications would increase in the next year, despite the fact that half believe this will diminish security postures.
 
“Small and midsize organizations simply cannot afford to disregard security,” said Larry Ponemon, president of the Ponemon Institute. “Without it there’s more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts. CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures.”

The study targeted SMBs in the United States, United Kingdom, Germany and Asia-Pacific (Australia, India, China and Singapore) to better understand how such organizations are managing security risks and threats. Key findings of the study include:

• Fifty-eight percent of respondents say management does not see cyber attacks as a significant risk.
• One-third of respondents admit they are not certain if a cyber attack has occurred in the past 12 months. Forty-two percent of respondents said their organization had experienced a cyber attack in the past 12 months
• Respondents in more senior positions have the most uncertainty about the threats to their organizations, indicating that the more removed the individual is from dealing on a daily basis with security threats, the less informed they are about the seriousness of the situation and the need to make it a priority.
• CISOs and senior management are rarely involved in decisions regarding IT security priorities. While 32 percent say the CIO is responsible for setting priorities, 31 percent say no one function is responsible.

• Forty-four percent of respondents report IT security is not a priority.  As evidence, 42 percent say their budget is not adequate for achieving an effective security posture.  Compounding the problem, only 26 percent of respondents say their IT staff has sufficient expertise.

• Respondents estimate that the cost of disruption to normal operations is much higher than the cost of damages or theft of IT assets and infrastructure.

• Mobile devices and BYOD are much more of a security concern than the use of cloud applications and IT infrastructure services. However, these concerns are not preventing extensive use and adoption of mobile devices, especially personal devices.

Uncertainty about their organization’s security strategy and the threats they face varies by industry:

• Respondents in financial services have more confidence, which can probably be attributed to the numerous data protection regulations.
• The technology sector is also more security aware, which is probably due to the IT expertise that exists in these organizations.
• Retailing; education and research; and entertainment and media have the highest level of uncertainty about their organization’s security strategy and the threats they face.

Recommendations:

• Organizations need to concentrate resources on monitoring their security situation in order to make intelligent decisions. While assessing where they stand on the security continuum, organizations need to focus on monitoring, reporting and proactively detecting threats.
• Establish mobile and BYOD security best practices.  Carefully plan and implement a mobile strategy so that it doesn’t have an impact on the overall security posture.
• Organizations should look for ways to bridge the gap created by a shortage of information security professionals.  Consider ways to free-up time for in-house resources, including a move to cloud technologies, security consulting and easy-to-manage solutions.
• Measure the cost of cyber attacks, including lost productivity caused by downtime.  Work with senior management to make cyber security a priority and invest in solutions that restore normal business activity more quickly for a high return on investment.
• Organizations in all sectors are regularly breached and regulations are often simply the beginning of properly securing a network.  Consider consolidated security management to gain a more accurate picture of threats that will help focus on problem areas.

A full copy of the Ponemon Institute study: The Risk of an Uncertain Security Strategy, is available here.

In an increasingly complex security environment Sophos works with partners to make security simple to deliver, implement and manage. Over the last 12 months Sophos has created a more flexible and generous partner programme, providing partners with protection for deal registrations, attractive margins and joint lead generation initiatives. The programme also provides up-to-date certification, to ensure partner sales and technical teams are fully trained across Sophos’s latest solutions to help drive partner businesses forward. Delivered by dedicated channel relationship managers, Sophos gets to know partner businesses to ensure they feel supported every step of the way.

James Vyvyan, Regional Vice President, UKI, Sophos said: “We’re delighted to have won ‘Security Vendor of the Year’. Sophos is committed to a ‘channel first’ strategy and we believe that by taking the time to understand our partners’ business model, we can work together to provide the solutions that best suit their customers’ IT security needs.”

Sophos also won two awards in CRN’s DACH awards on 13 November: Security Vendor of the Year and Channel Champion of the Year 2013.
Commentary from the Sophos Channel

“Many of the innovations Sophos has introduced are unique to the market. These unique solutions make it possible for us to differentiate ourselves from other security consultants and better meet our clients’ needs,” said Mark Robinson, Director, Globelink Infrastructure & Network Security.

“The Sophos Partner Programme empowers proactive and enthusiastic partners like ourselves to achieve the levels of technical and sales accreditation required to represent Sophos at the highest level,” said Paul Cox, Managing Director, Quadsys.

“We’ve worked closely with Sophos for more than 12 years and feel the relationship is stronger now than it has ever been. The sales, technical, financial and management teams at Sophos and Foursys are all working really closely together, which means we get it right and we both put customer service at the top of the agenda,” said Paul Prior, Managing Director, Foursys.

WD’s My Cloud personal cloud drives, available now in China in capacities of 2 TB, 3 TB and 4 TB, enable consumers to organize, centralize and secure the digital content from all of their computers and mobile devices and access those files from any device and from anywhere in the world. WD’s My Cloud EX4 high-performance four-bay network attached storage (NAS) solution, available now in China in 0 TB, 8 TB, 12 TB or 16 TB1 capacities, provides creative professionals, prosumers and workgroups a reliable way to save, share, back up, stream and manage massive amounts of digital data. The Baidu Yun service is a leading public cloud storage service provider with more than 100 million users. Consumers and businesses store content on Baidu Yun for easy access and sharing from any computer or mobile device.

The collaboration between WD and Baidu will enable Chinese customers to manage their Baidu Yun account and easily transfer files between their My Cloud or My Cloud EX4 device and Baidu Yun using WD’s My Cloud mobile apps for iOS and Android operating systems. Baidu and WD customers will also be able to back up their local content to Baidu Yun, as well as backup their Baidu Yun account to their local storage using WD SmartWare™ Pro software.

“The growth of Baidu and its public cloud storage and services in China has been spectacular; it’s a pleasure to collaborate with them,” said Jim Welsh, executive vice president, Branded Products and worldwide sales. ”The integration of Baidu Yun with our personal cloud and external storage platforms gives our mutual customers the best of all worlds – the ability to keep content safe at home, while backing  up and sharing with friends on Baidu Yun.”

“Baidu aims to provide the best way for people to access their valuable content, regardless of their location,” said Hou Zhenyu, chief architect of Baidu Yun. “WD is a leader in high-capacity local storage, and integrating our public cloud storage service with WD’s platform gives our customers a compelling hybrid cloud storage solution – the best of both public cloud storage and personal cloud storage.”

You can read the original article here.

In comments that support Array’s ranking in the new report, IDC analysts note that the company’s WAN optimization solution has “increased its chances of cracking bigger deals and positioning themselves as an end-to-end solution provider in the ADC space.”

According to IDC, drivers of Array’s leading position in the India market include the ability to close deals in the lucrative government and banking and financial services industry (BFSI) markets, as well as the ability to offer holistic ADC and WAN solutions with custom costing to potential customers. Although Cisco still leads – due to volume WAN optimization sales – Array is mounting a challenge by way of continued growth in the WAN optimization space.

Mr. Shibu Paul, Country Manager at Array Networks said, “IDC is a respected authority tracking the markets Array serves, and the local IDC team in India has a superior understanding of vendors, partners and customers in the application delivery networking space. The Array team has been working tirelessly to serve our customers, assist our partners and enhance our offerings, and I am extremely pleased to see our efforts paying off as reflected in the new IDC market report.”

“In addition to growing traction in the enterprise based on its suite of application delivery networking solutions, Array is also opening up new opportunities with its line of software appliances which can be hosted on any virtualized server to break price barriers and make solutions more affordable to SMBs,” said Manoj Iyer, IDC’s market analyst for enterprise networking in India. “With the ability to support a broad range of customers and a go-to-market strategy focused on educating partners its load balancing, WAN optimization, enterprise mobility, high availability, BYOD and application acceleration solutions, Array is well positioned to further increase their market share in the application delivery networking market.”

You can read the original article here.

1. Always secure your smartphone with a password

One of the most basic security tips, but one which is sometimes completely overlooked! Having no access protection at all is just foolish. Swipe patterns are ok, but greasy finger-trails could reveal too much. A four-digit PIN is an improvement but using a strong passcode is the ideal phone protection.

2. Ensure that your device locks itself automatically

If you set up password-protection on your phone but then leave it unlocked on your desk for 15 minutes, you won’t have achieved very much. Most smartphones allow you to set them up to automatically lock themselves after a period of inactivity. Make sure you choose the shortest timeout you are comfortable with. Two to five minutes is better than ten to thirty, even if it does feel slightly inconvenient.

3. Install security software

Your smartphone is a computing device and should be protected accordingly. Look for an app like Sophos Mobile Security that includes malware prevention, remote data wipe, privacy review of apps and an automatic security advisor to alert you to potential risks when you change a device setting. If you’re in charge of securing your organisation’s phones and tablets, then choose a mobile device management solution like Sophos Mobile Control.

4. Only download apps from approved sources

The Google Play Store and Apple’s App Store take security pretty seriously. They are very careful about what apps they make available and will withdraw apps that raise concerns after release. Read user reviews of apps before installing them – if there are any security concerns then someone else may well have mentioned them.

5. Check your apps’ permissions

Apps. Image courtesy of Shutterstock.Many apps require more than the basic default permissions. For instance, you can reasonably expect an SMS app to send and receive text messages just as a mapping app will request your GPS location. But something like a calculator that needs network access or an alarm clock that wants to read your contact database should be treated with extreme caution!

6. Don’t miss operating system updates

Updates to your OS often include system vulnerability patches, so it’s important to install them. You might want to be advised of updates rather than having them automatically installed, as early adopters sometimes experience teething problems – but the forgetful among you may prefer that to missing updates altogether.

7. Be wary of any links you receive via email or text message

Now you can pick up email on your phone, exercise caution when clicking on links. And phishing scams are not limited to email – a text message can incite you to click on a dodgy link or ask for personal information. Even simply replying to unknown SMS or email senders can raise the crooks’ interest in you, leading to more pressure to respond.

8. Encrypt your smartphone

Even if you’ve secured your smartphone with a password, a thief could still plug your device into a computer and gain access to all of your personal information. Using encryption on your smartphone can help to prevent such data theft.

9. Turn off automatic Wi-Fi connection

WiFi. Image courtesy of ShutterstockOne of the great things about modern mobile phones is their ability to connect to the internet in many ways, but continually probing for wireless networks gives away information about your identity and location, and blindly connecting to unencrypted access points can let your phone leak all sorts of useful things for malicious actors to intercept and act upon. So tell your phone to forget networks you no longer use, so as to minimise the amount of data leakage and configure your phone to automatically turn on/off wireless in certain places using a location-aware smartphone app.

10. Turn off Bluetooth and NFC when not in use

Bluetooth and NFC (near field communication) are great in terms of connectivity, allowing you to use accessories such as wireless keyboards and headsets or make payments with a wave of your smartphone. But it does open a door for the bad guys to gain access to your device and access your data, so you should either switch these features off or put your device into “not discoverable” mode whenever possible. Also, be careful when pairing devices – never accept requests from unknown devices.

You can read more here.

“While many security experts are aware of the high level trends, few have recognized their significance,” said James Lyne, global head of security research at Sophos. “If 2013 has taught us anything, it is that traditional security controls are struggling. These new behaviors are forcing the industry to adapt and change, and widely held best practices must be reconsidered.”

The threat report highlights new security concerns ranging from stealthy malware tools that offer dynamic camouflage and provide attackers with long-term persistent access to users’ data, to the proliferation of connected devices that represent new and often ill-protected targets. Many new “Internet of Things” devices are becoming commonplace in our homes and everyday infrastructure, offering shadier cybercriminals the potential to impact our daily lives, rather than just the traditional theft of financial information.

“These trends are set to continue in 2014 as threats become even smarter, shadier and stealthier,” said Lyne.

In 2014 Sophos predicts greater focus from cybercriminals on high quality and convincing phishing and social engineering to compensate for harder-to-exploit operating systems like Windows 8.1; embedded devices (such as POS systems, medical systems and new “smart” infrastructure) will open old wounds as security mistakes eliminated in the modern PC environment are carelessly re-implemented; attacks on corporate and personal data in the cloud will continue to grow as providers struggle to refine the security strategy in this new computing platform; and malware for mobile is set to become as sophisticated as its PC relatives.

“It is clear in 2014 we need to be watching not just the evolution of existing attacks, but be prepared for dangerous new threats emerging that we haven’t previously dealt with,” said Gerhard Eschelbeck, CTO at Sophos. “As the industry adapts and enhances protection mechanisms to cover new devices and threats, this is increasingly becoming an issue for every member of society, not just for government and business.”

A full copy of the Security Threat Report 2014 containing more information and statistics on cybercrime in 2013, as well as top tips and predictions on emerging trends, can be downloaded here.

You can read the original article here.