Looking ahead to 2015 in cybersecurity, it really is vital to understand how the threat environment impacted organizations through exploits and breaches in 2014.
Toward the tail-end of the year it seemed like there was a new, major data leak or cyberattack in the headlines every week. There was no pattern, no single industry targeted (no pun intended) and no actions taken to punish those involved, even if the attribution was defined and accurate, and there was a definitive perpetrator or organization to charge in the criminal act. (http://www.justice.gov/opa/pr/us-charges-five-chinese-military-hackers-cyber-espionage-against-us-corporations-and-labor)
Is there knowledge that can be gained from the cyberattacks of 2014? Yes. There's certainly a large amount of information that can be applied from the numerous hacks and breaches to understand trends and techniques, but the most important lesson to be learned from this past year may just be the fact that enterprise organizations are heading towards a new approach to endpoint security – Big Data Endpoint Detection and Response (EDR).