[BreachExchange] Cybersecurity Threats and Safeguards in 2017
Audrey McNeil
audrey at riskbasedsecurity.com
Mon Feb 20 19:38:59 EST 2017
http://www.business2community.com/cybersecurity/cybersecurity-threats-
safeguards-2017-01777506
There is no doubt the superhighway of the internet has improved life for
organizations the world over, but with each new innovation comes another
avenue for a cyberattack to travel down. Vulnerabilities in cybersecurity
are no longer just a concern, but a widespread epidemic. Last year data
breaches rose a whopping 40%, with 37 million records exposed affecting
every sector including the government, financial services, education,
health, and businesses the world over.
The evolving role of tech leadership must focus on being proactive to avoid
becoming another victim. Understanding the rapidly shifting landscape of
cybersecurity threats can be difficult, but discovering vulnerabilities and
closing them to attacks is essential for every organization now more than
ever.
Ransomware
Arguably the biggest cybersecurity threat in 2017 is the juggernaut of
ransomware. As software that takes a company’s information hostage until a
large fee is paid, this cunning method of attack has rapidly grown more
sophisticated by now being able to operate while offline.
There were a massive 638 million ransomware attacks in 2016, representing
an increase of 167x over the previous year and showing no signs of slowing
in 2017. With $209 million in ransom paid out in the first quarter of last
year alone, it is clear to any tech leader that precautions are necessary.
While many traditional safeguards against cybersecurity threats can assist,
the only sure way to deem a ransomware attack powerless is to regularly
backup essential files.
Internet of Things
Businesses and consumers alike have enjoyed the IoT revolution, as
previously isolated devices have become smart and provide greater
convenience. However, this increase in connectivity has likewise increased
cybersecurity threats.
Examples are not hard to come by. Most notably, the massive credit card
breach at retailer Target in 2013 was perpetrated through an
internet-connected heating and cooling system in stores. Hackers no longer
rely solely on thinly-veiled email attachments to infiltrate a system, but
can take any back door alley as they make their way to the most critical
information.
Closing off any such entrance takes a bit of education and proactivity.
Overhauling every device in an organization, even seemingly harmless things
like automatic lights in the parking lot or smart TV’s in board rooms, is
necessary. If it is not essential for a device to be connected to the
internet or internal network, then that capability should be turned off.
The Cloud
An adjacent concern to IoT vulnerabilities is the continued adoption of
cloud technology. While it certainly has increased efficiency for users,
the cloud has likewise caused security concerns for any organization. With
companies beginning to harness the power of the tremendous amount of data
that their business creates each day, securing data housed in the cloud
against cybersecurity threats must take precedence.
There are several ways to safeguard cloud usage. Consider encrypting data
prior to uploading so any unauthorized user that finds access to the cloud
will not be able to make sense of what it contains. Using a private cloud
instead of a public cloud also provides more data control and greater
security. Lastly, avoiding the storage of the most sensitive information in
the cloud is a common practice to diminish the susceptibility of critical
data loss.
Traditional Portals of Attack
Despite the rapid evolution and increasing sophistication of cybersecurity
threats, it is important not to overlook traditional methods of attack.
Installing updated antivirus software and training employees in creating
strong passwords, changing passwords often, and spotting questionable email
attachments provides a strong base level of protection. Even when hackers
try a new spin on old favorites, such as using company job portals to
penetrate corporate systems, a knowledgeable staff member won’t fall for
their tricks.
Safeguarding Against Cybersecurity Threats
While making cybersecurity a top priority and enacting safeguards against
cybersecurity threats is a strong step forward, it is often in an
organization’s best interest to team up with IT experts in the field. When
one solitary attack could cost a business millions of dollars, the very
livelihood of every employee is on the line.
With the current demand of skilled cybersecurity professionals vastly
outweighing the supply, there are simply not enough experienced candidates
to fill open cybersecurity positions. Partnering with an IT staffing
solutions firm that can provide cybersecurity specialists experienced in
spotting and diminishing the latest vulnerabilities is the most
cost-effective option to keep any organization operating smoothly in 2017
and beyond.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170220/ef5e3d4e/attachment.html>
More information about the BreachExchange
mailing list