Robert Olsen, MS, MBA, CISSP, CISM–Senior Managing Director, Ankura
The cybersecurity landscape is changing daily as hackers continue to find ways to circumvent the latest technologies, presenting threats that could jeopardize the existence of your organization with the click of a mouse.
As the persistence and sophistication of cybercriminals increases exponentially, cyber risk and information security becomes a constant struggle for business leaders. While it is impossible to predict the future of cybersecurity, examining the trends that have made a significant impact in 2018 can help to strengthen the posture of your organization.
Because people are increasingly using smartphones in place of their desktop or laptop computers, and the information stored on these devices is extremely appealing to hackers, mobile malware is one the fastest growing attack vectors today. Mobile malware is malicious software, specifically built to attack mobile phones or other wireless-enabled devices and can collapse the system or exploit data.
With the rapidly developing nature of these technologies, ensuring the safety and security for mobile devices is progressively difficult and mobile antivirus programs are often ineffective due to this swift evolution. As a result, it is critical that organizations that allow the use of mobile devices for business purposes have a robust mobile device management policy in place and regularly train employees on best practices.
The Face of Ransomware is Changing. Are You Ready?
Ransomware is constantly developing, and its resurgence is making it increasingly difficult for organizations to detect and prevent. Additionally, cybercriminals are choosing their targets more carefully, even examining an organization’s financial statements before submitting ransom requests, so they can receive the highest payment possible.
There are several routes ransomware can use to enter a computer, with the most common being social engineering attacks, including phishing. However, hackers are increasingly breaking into computers and deploying ransomware manually through Remote Desktop Protocol (RDP) attacks.
RDP is regularly used by businesses as a way in which the IT department can access a user’s computer to solve issues without being physically present. However, these cybercriminals are using RDP and running ransomware in the same way a user would run Word or other applications.
To best protect your organization from ransomware, it is important to routinely update your operating system browsers, and, plugins. It is also wise to implement vulnerability scanning, complete penetration testing after the vulnerabilities are addressed, maintain a strong firewall and anti-virus software, and back up files daily.
Employing cloud application services is popular among businesses because it is cost advantageous and easily accessible. However, this can enable unauthorized third parties to easily access data stored in the cloud if the proper security controls are not in place. While many cloud service vendors offer security measures, organizations cannot rely on their provider to implement them but must configure the settings themselves.
Moreover, cloud-based email attacks are rapidly increasing as more organizations are migrating to these web-hosted services. Attackers are not only utilizing the email web presence, they are also accessing the compromised email accounts with Outlook exploitation kits that provide them with a download of the entire mailbox. By implementing quarterly mock phishing exercises and configuring accounts with maximum-security controls, business leaders can begin to reduce these risks.
Humans Are Still the Weakest Link
Hackers wouldn’t be nearly as successful if they solely relied on their penetration skills–they thrive on human error. No matter the security controls in place, people are continually the weakest link regarding cybersecurity risk management. According to the Verizon 2018 Data Breach Investigations Report, human error caused nearly one in five breaches. By educating employees on best practices, policies, procedures, popular attack methods, and trends, organizations can significantly reduce their risk of a data breach.
The Future of Regulations
The criticality of cyber events is becoming ever more poignant in 2018 since the United States Government publicly acknowledged for the first time the attacks of nation state hackers by attributing NotPetya to Russia. Additionally, the enactment of the General Data Protection Regulation (GDPR) in the European Union is causing Americans to question the future of similar laws in their country. However, the federal government is leaving data privacy laws and cybersecurity regulations to the jurisdiction of the states. California, Colorado, and Ohio are among the early adopters, but more states are expected to follow suit in the upcoming year.
Businesses Can No Longer Afford to Wait and See
While the future of cybersecurity may focus on compliance standards and increased efficiencies with intelligent threat management solutions, business leaders can no longer afford to ignore cybersecurity practices in their organizations as the sophistication and threat of attacks areat an all-time high.
This requires a multi-layered cybersecurity risk management approach by implementing robust controls and employee training. Currently, it takes organizations about 100 days to spot threats, which can often be too late. As a result, it is imperative to consider the aforementioned trends and integrate cyber risk management practices before the existence of your organization is compromised by the click of a mouse.