This is part two of three in a series where we will discuss cybersecurity trends, security concerns and the importance of cybersecurity policies as a part of your company’s overall strategy.
2017 proved to be an interesting year in the world of IT as ransomware attacks and security breaches became more common, which resulted in higher payouts to cyber criminals. These rapid fire changes have put IT professionals under extreme pressure to ensure they can recover their data if a breach was to occur, and to also attempt to thoroughly understand how to mitigate the risk of an attack. Understanding these trends within the market place will help create a framework to assist with your IT policies. Statistics from the Cyber Security Trends Report list these as the most common trends for cyber security.
1. Cybersecurity is still a challenge
According to recent studies the reason why cybersecurity is an obstacle in most organizations is due to the lack of skilled employees, resources, lack of security awareness and ignorance around cybersecurity. 54 per cent of organizations want to train and certify their current IT staff to overcome any unforeseen challenges and create a stronger cybersecurity presence in IT environments. The reality is, some IT pros are not really clear on security threats to their data centres, they aren’t too clear who to hire to fix problems if they were to arise, nor do they have proper training and protocols in place.
2. Security challenges in the cloud
Storing data in the cloud makes organizations a target for cyber criminals as the cloud brings a whole new set of security challenges (e.g. data integrity, having proper fail-over technology, ensuring data is secure in-flight and at-rest, etc.) as attackers can monitor and modify data on the cloud (e.g. account credentials, security keys, etc.) by merely using applications to launch attacks. Unfortunately, companies still assume their third party IaaS, SaaS or PaaS vendors are protecting their data…making them even more vulnerable to cybersecurity breaches.
3. Concerns with employees bringing their own devices
The proliferation of bringing/using your own device in the workplace is increasing cybercrime activity consisting of everything from stolen identities to major data breaches from data leaks. While 60 per cent of companies have a BYOD policy, unfortunately, not all employees are trained on cybersecurity best practices. This opens up the door to employees downloading unsafe content or apps and connecting to open Wi-Fi spots without having the correct security protocols in place. In fact, according to a study conducted by HP, 97 per cent of employee’s devices were not secure, and 75 per cent lacked adequate data encryption.
4. Attacks are becoming more sophisticated and more difficult to detect
What you probably didn’t realize is that cyber attackers are becoming more clever—they spend over a month on your networks before they actually infect your systems. In some cases, it takes companies up to 200 days to detect a data breach.
5. Apps are the main source of data breaches within organizations
According to recent reports from Verizon, web applications (either mobile, desktop, business or web apps) are the number one source of data breaches. The reason why apps remain easy targets are because most apps were not built with security as a primary feature, they were built for ease of use. This gives cyber criminals ample opportunity to send spam and steal details…all through downloading an app that is littered with malicious code.
Whether you’re an IT professional or a managed service provider (MSP), the need to make cybersecurity a point of your strategy is critical to ensuring your business survives in the next-generation of cyber-attacks.