A common New Year’s resolution is to be vigilant against advanced security threats. Fulfilling that resolution each year requires a more comprehensive approach as technologies evolve and attack methods become both more sophisticated and more prevalent in our lives. As the new year begins, most organizations are putting their plans and tools in place to meet that objective. To provide additional support, here are the top 7 security concerns to consider in 2017, as Brite sees them.
- Device Visibility
With the explosive growth of IoT and the new threat of attacks on these devices, IT managers are more worried than ever about unmanaged/unsecured devices connecting to the network. The holidays typically equate to an onslaught of new connected devices – who doesn’t want a new iWatch, iPad or other smart connected device? Many of these devices can improve productivity, while others are just vulnerability points for the enterprise. It is critical to understand what is connected to a network and the vulnerabilities those devices present.
- Zero-Day Attacks
It was hard to look at the news in 2016 and not see a story related to zero-day attacks. Ransomware attacks took the most headlines, including one that shut down a DC-based healthcare system, MedStar Health, for 8 days. MedStar was not an isolated instance of a ransomware attack. According to CNN, $209 million was paid to ransomware criminals in Q1 2016 alone.
- Phishing Attacks
Phishing attacks will continue to be a concern in 2017 because of their effectiveness, low cost and ease of execution. RSA released a report stating that the total cost of phishing attacks during Q1 and Q2 of 2016 was $9.1 billion. Furthermore, a new phishing attack was launched every 30 seconds. The success of phishing attacks is not surprising given the creativity hackers introduce in their latest attacks (see some examples here).
- Insider Threats
Employees bring a company to life. Without them, a company would just be a person’s concept. With them comes the concept of the insider threat. Not all insider threats are malicious; about half are accidental. A company is still at risk no matter how ethical its employees may be. In a review of 2015, Intel found that 43% of breaches directly connect back to insider threats.
- Unauthorized Access to Critical Information
Can every piece of data in a network be accounted for at every moment? For most, the answer is ‘no’. In reality, a company would have trouble knowing if a breach occurred without complete visibility into who is accessing critical data. Each stage of data (at rest, in motion in and out of the organization, in use during its entire lifecycle and, very importantly, while it is stored in the cloud) has its own set of challenges when it comes to protecting it. Because of the challenges associated with controlling access to critical data, the FBI has even claimed that there are two types of companies in the US: those who know they’ve been hacked and those who have been hacked, but don’t know it yet!
- Delayed Breach Identification
According to a Ponemon Institute study, it takes on average 6 months to detect a data breach, and in many cases it is identified by an outside source. Looking at some of the largest public breaches of the year, like Anthem, Home Depot and Target, we realize that these organizations have extremely large information security teams and budgets to support the necessary tools. If it takes an average of 6 months for organizations of this size to identify a breach, how long will it take organizations with much smaller teams? Today’s advanced threats require a new level of vigilance. For this reason, many organizations are turning to Managed Security Service Providers to provide real-time, proactive 24/7 monitoring and support of their security tools. These service providers are experts in tuning firewalls, IPS, SIEM, etc. to limit alerts and thus cut down false positives. With a smaller number of alerts, internal security teams spend less time investigating incidents and more time completing strategic projects.
- Major Breach by Critical Partner/Vendor
Just like our employees, we put much trust in our partners and vendors. They are a critical aspect of our business. However, whenever people are brought into a network or given access to vital information, there are risks associated with it. Don’t think a third-party breach could happen to your organization? As of May 2016, Ponemon Institute reports that 75% of the IT and security professionals surveyed said the risk of a breach from a third party is serious and is increasing.