2015 was a year full of both good and bad news for the global security industry, although, at first glance, it seems that the year was filled with only the worst of news.
Incidents of every flavor of cyber crime are increasing. Every sector of business and government has been hit hard by data breaches. There aren’t enough experienced cyber security professionals to fill the thousands of job openings. The regulatory, financial, and reputational consequences of negative incidents continue to mount. Cyber criminals are organized, sophisticated, and everywhere.
Cyber security has gained some long-awaited traction and momentum. The more headlines there are about data breaches, the more stakeholders are paying attention. Executives and boards are finally making information security a real priority. Local, state, and federal agencies are also ramping up their efforts, thanks in part to the astonishing breaches at OPM and the IRS.
The Federal Trade Commission (FTC) has begun prosecuting negligent companies, which should be reassuring to responsible companies that are reliant on vast networks of supply chain partners and vendors. Increased transparency and disclosure is definitely good news for consumers, who have little insight into the security posture of the enterprises behind the products and services they purchase.
The deployment of EMV chip-and-PIN credit card technology is still in early stages, but will hopefully represent the dawn of a more secure era for consumers. Corporate and public campaigns are encouraging better digital citizenship; the increased use of strong passwords, multi-factor authentication, and encryption is a good sign.
It’s certainly not yet time to celebrate a job well done. As quickly as new security mechanisms are being developed, cyber criminals are cultivating new techniques to bypass them. The goal is to make it more expensive and more labor-intensive for cyber criminals to gain illicit access, and to secure valuable data so thoroughly that there’s nothing worth stealing once they’ve made their way in.
We believe there are five prevailing security threats businesses need to prepare for in 2016.
Let’s take a quick look at each:
1. There will be more POS device breaches. With the holiday season upon us, we can expect more headlines about credit card information being pilfered in bulk. The ongoing problems with lax security configuration, weak passwords, and third-party access vulnerabilities we’ve seen the last few years will converge with the messy rollout of EMV card terminals. Despite the increased security promised by EMV standards, hackers will find plenty of opportunities to exploit rushed deployments, customer and cashier confusion, and aging POS systems yet to be replaced. In the U.S., about 12 million POS terminals need to be upgraded, but only 40% are expected to be ready by the end of 2015. Considering that a significant percentage (approximately 40%) of data breaches over the last two years were related to POS system compromises, this threat is still significant. It’s worth noting here that EMV chip-and-PIN technology does little to protect online transactions; online fraud increased in Europe after EMV adoption.
2. Devices that come and go off the network, coupled with the ongoing BYOD trend, will continue to confound security managers who know it’s imperative to secure all endpoints, but lack the proper tools to do so effectively. Without proper tools, administrators are left to choose between over-restricting access and reducing user functionality. Fortunately, the pervasive scope of this challenge is driving rapid growth in the endpoint security market, which is expected to be worth more than $17 billion within 5 years. Companies must be diligent about creating and enforcing BYOD policies that include a verification capability. Engaging the whole organization in secure BYOD campaigns can help promote a culture of responsibility and awareness.
3. Companies of all sizes and types will have to deal with breaches and lost data issues. Breaches at major, global organizations will continue to make headlines, but cyber criminals are ingenious when it comes to finding the path of least resistance in pursuit of low-hanging fruit. As enterprise security programs improve, many bad actors will look for fresh opportunities to ambush unsuspecting targets with their cunning schemes. While many hackers and cyber criminals focus on name-brand networks, many others hone their craft and try new approaches with smaller businesses. No business can afford to let its guard down! Small businesses that assume they can’t possibly be on anyone’s radar should remember that many attacks are automated; if you (or any of your vendors or employees) have left a virtual door open, the hackers’ bots will find it and exploit it. Small-to-midsize businesses are particularly vulnerable—for many, the financial and reputational costs incurred in the aftermath of a breach would be enough to wipe them out permanently. Kaspersky Lab estimates that on average, each cyber attack on an SMB costs $38,000.
4. Ransomware will continue to evolve and become increasingly complicated. We continue to be shocked at the number of ransomware attacks where the "victim" actually pays the ransom. The FBI said it received 992 CryptoWall complaints from April 2014 to June 2015, representing total losses of $18 million—and that is just reported cases. Because criminals are finding this scheme lucrative, hackers will continue to work on producing virus variants that are harder to detect and decrypt. Ransomware depends on human error; it is usually activated by a user clicking on a link in a phishing email. Encryption of sensitive data combined with regular backups onto external devices or cloud services is an excellent defense against these schemes. If you have a current copy of your data or web site, business can continue with minimal disruption. Paying the ransom does not, after all, guarantee full restoration of your data or web site. It’s important to note that mobile devices can also be overtaken by ransomware, and often the accompanying threat is to ruin one’s reputation.
5. The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. Cloud-based security enhances visibility by spotting anomalies and correlating events across millions of end users. Using the power of Big Data, we can move away from managing a daily deluge of alerts. Beyond the obvious efficiencies of integration (no more silos, fewer vendors), running advanced analytics is more effective when security infrastructure components can talk to each other. Analyzing interdependent activity and automatically enforcing policies across all endpoints and contexts drives an intelligence-based approach to security. Visualization tools and dashboards render the intelligence more accessible, and make it easier to spot attacks and vulnerabilities. Global cloud-based services can provide broad reach across all components of the extended, distributed enterprise infrastructure and beyond.
It’s impossible for businesses to avoid every serious incident. We should all accept a starkly realistic view of cyber risk and the probability of being breached. But this doesn’t mean we should accept defeat. Focus on making your business a less-appealing target. Don’t leave valuable, enticing data unencrypted. Don’t leave any back doors open to hackers. Investigate security solutions that provide a big picture, integrated view of your digital landscape. Cyber security that matches your needs and resources is available.
The stakes are higher than ever before. Businesses depend heavily on data and digital functions, and these valuable assets are constantly under attack. As they prepare for 2016, organizations of all sizes need to be aware of the important trends that have emerged or shifted in the past year. It’s important to take time to thoroughly assess your organization’s ability to defend its data, networks, employees, and customers. Every business should resolve to strengthen cyber security capabilities over the next year.