1. Mobile assets
Response: Reasonable steps to reduce this increasing risk include setting up passwords for all devices, encrypting data on the devices themselves, installing tracking and/or remote-wipe software in the event devices are misplaced, and end-user training.
2. Cloud security
Response: Organizations need to consider both internal factors (any requirements or laws preventing certain data from being migrated to the cloud), as well as external factors, such as where the data will be stored, who will have access, what controls the vendor has in place, will the data be replicated, can an organization make their own off-line backups, are intrusion detection mechanisms in place, and is the vendor SAS 70-certified -- to name just a few.
3. Social media
Response: Users need to be on a keen lookout for these targeted attacks and be more wary than ever regarding what they click on.
4. Infected Web links
Response: End users need to be vigilant about what they click on and make sure they have an up-to-date antivirus solution in place.
5. Backups
Response: Critical data, applications and services need to be identified and a backup solution implemented to ensure that the e-lifeblood of an organization is not placed in significant peril. Organizations should definitely consider using one of the many cloud-based backup services to complement, or even as the foundation of, their backup strategy.