Five Security Threats to Prepare for in 2016

Author: Oscar Marquez, Chief Technology Officer, iSheriff

2015 was a year full of both good and bad news for the global security industry, although, at first glance, it seems that the year was filled with only the worst of news.

Incidents of every flavor of cyber crime are increasing. Every sector of business and government has been hit hard by data breaches. There aren’t enough experienced cyber security professionals to fill the thousands of job openings. The regulatory, financial, and reputational consequences of negative incidents continue to mount. Cyber criminals are organized, sophisticated, and everywhere.

Cyber security has gained some long awaited traction and momentum. The more headlines there are about data breaches, the more stakeholders are paying attention. Executives and boards are finally making information security a real priority. Local, state, and federal agencies are also ramping up their efforts, thanks in part to the astonishing breaches at OPM and the IRS.

The Federal Trade Commission (FTC) has begun prosecuting negligent companies, which should be reassuring to responsible companies that are reliant on vast networks of supply chain partners and vendors. Increased transparency and disclosure is definitely good news for consumers, who have little insight into the security posture of the enterprises behind the products and services they purchase.

The deployment of EMV chip-and-pin credit card technology is still in early stages, but will hopefully represent the dawn of a more secure era for consumers. Corporate and public campaigns are encouraging better digital citizenship; the increased use of strong passwords, multi-factor authentication, and encryption is a good sign.

It’s certainly not yet time to celebrate a job well done. As quickly as new security mechanisms are being developed, cybercriminals are cultivating new techniques to bypass them. The goal is to make it more expensive and more labor-intensive for cyber criminals to gain illicit access, and to secure valuable data so thoroughly that there’s nothing worth stealing once they’ve made their way in.

We believe there are five prevailing security threats businesses need to prepare for in 2016.

Let’s take a quick look at each:

1. There will be more POS device breaches. With the holiday season upon us, we can expect more headlines about credit card information being pilfered in bulk. The ongoing problems with lax security configuration, weak passwords, and third-party access vulnerabilities we’ve seen the last few years will converge with the messy rollout of EMV card terminals. Despite the increased security promised by EMV standards, hackers will find plenty of opportunities to exploit rushed deployments, customer and cashier confusion, and aging POS systems yet to be replaced. In the U.S., about 12 million POS terminals need to be upgraded, but only 40% are expected to be ready by the end of 2015. Considering that a significant percentage (approximately 40%) of data breaches over the last two years were related to POS system compromises, this threat is still significant. It’s worth noting here that EMV chip-and-PIN technology does little to protect online transactions; online fraud increased in Europe after EMV adoption.


2. Devices that come and go off the network, coupled with the ongoing BYOD trend, will continue to confound security managers who know it’s imperative to secure all endpoints, but lack the proper tools to do so effectively. Without proper tools, administrators are left to choose between over-restricting access and reducing user functionality. Fortunately, the pervasive scope of this challenge is driving rapid growth in the endpoint security market, which is expected to be worth more than $17 billion within 5 years. Companies must be diligent about creating and enforcing BYOD policies that include a verification capability. Engaging the whole organization in secure BYOD campaigns can help promote a culture of responsibility and awareness.

3. Companies of all sizes and types will have to deal with breaches and lost data issues. Breaches at major, global organizations will continue to make headlines, but cyber criminals are ingenious when it comes to finding the path of least resistance in pursuit of low-hanging fruit. As enterprise security programs improve, many bad actors will look for fresh opportunities to ambush unsuspecting targets with their cunning schemes. While many hackers and cyber criminals focus on name-brand networks, many others hone their craft and try new approaches with smaller businesses. No business can afford to let its guard down! Small businesses that assume they can’t possibly be on anyone’s radar should remember that many attacks are automated; if you (or any of your vendors or employees) have left a virtual door open, the hackers’ bots will find it and exploit it. Small-to-midsize businesses are particularly vulnerable—for many, the financial and reputational costs incurred in the aftermath of a breach would be enough to wipe them out permanently. Kaspersky Labs estimates that on average, each cyber attack on an SMB costs $38,000.

4. Ransomware will continue to evolve and become increasingly complicated. We continue to be shocked at the number of ransomware attacks where the "victim" actually pays the ransom. The FBI said it received 992 CryptoWall complaints from April 2014 to June 2015, representing total losses of $18 million—and that is just reported cases. Because criminals are finding this scheme lucrative, hackers will continue to work on producing virus variants that are harder to detect and decrypt. Ransomware depends on human error; it is usually activated by a user clicking on a link in a phishing email. Encryption of sensitive data combined with regular back-ups onto external devices or cloud services is an excellent defense against these schemes. If you have a current copy of your data or web site, business can continue with minimal disruption. Paying the ransom does not, after all, guarantee full restoration of your data or web site. It’s important to note that mobile devices can also be overtaken by ransomware, and often the accompanying threat is to ruin one’s reputation.

5. The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. Cloud-based security enhances visibility by spotting anomalies and correlating events across millions of end users. Using the power of Big Data, we can move away from managing a daily deluge of alerts. Beyond the obvious efficiencies of integration (no more silos, fewer vendors), running advanced analytics is more effective when security infrastructure components can talk to each other. Analyzing interdependent activity and automatically enforcing policies across all endpoints and contexts drives an intelligence-based approach to security. Visualization tools and dashboards render the intelligence more accessible, and make it easier to spot attacks and vulnerabilities. Global cloud-based services can provide broad reach across all components of the extended, distributed enterprise infrastructure and beyond.

It’s impossible for businesses to avoid every serious incident. We should all accept a starkly realistic view of cyber risk and the probability of being breached. But this doesn’t mean we should accept defeat. Focus on making your business a less-appealing target. Don’t leave valuable, enticing data unencrypted. Don’t leave any back doors open to hackers. Investigate security solutions that provide a big picture, integrated view of your digital landscape. Cyber security that matches your needs and resources is available.

The stakes are higher than ever before. Businesses depend heavily on data and digital functions, and these valuable assets are constantly under attack. As they prepare for 2016, organizations of all sizes need to be aware of the important trends that have emerged or shifted in the past year. It’s important to take time to thoroughly assess your organization’s ability to defend its data, networks, employees, and customers. Every business should resolve to strengthen cyber security capabilities over the next year.
