8 Changes in Cyber Security You Must Be Aware Of
New technologies are changing the way companies think about cyber security and how they protect their business from everyday threats. At the same time, many cyber security issues we’re already aware of are becoming smarter, making the landscape that much more difficult to navigate.
Recently, Cisco released its 2018 Cyber Security Report, which discusses the latest advances in the security industry and how organizations can protect themselves against mounting cyber security issues. It also includes benchmarking data from 3,600 Chief Security Officers highlighting the challenges their organizations face regarding changes in cyber security.
The full report is a must-read for anyone who has a vesting interest in protecting their business, but we’ve provided some of the cliff notes below.
Malware and Ransomware Are Evolving
One of the most disturbing changes in cyber security is that malware infections are now bypassing user interaction through remote execution. In the early days of Malware, a file would have to be downloaded onto your system, typically in the form of an unwanted email attachment, physical media device or drive by download. Today, all that is needed to encounter these cyber security issues is an unpatched workstation.
One of the most notable self-propagating malware attacks in recent memory was “WannaCry,” which doubled as a ransomware scheme. WannaCry earned $143,000 in Bitcoin, which was very little when compared to the number of users who were affected by the attack. Researchers believe that the ransomware component of WannaCry was a smokescreen and bonus to the attackers’ main objective; wiping valuable data from users.
Attacks are Better Disguised
Cyber security issues are much less apparent than ever before. Cyber criminals are getting savvier at skirting sandboxes and evading detection. Many threats are hidden in encrypted traffic to bypass security systems. Popular cloud products like those provided from trusted sources like Google, Twitter, Amazon, Dropbox and Microsoft are being leveraged for command and control, making attacks look like normal traffic.
The Internet of Things is Still a Breeding Ground
The internet of things (IoT) has done a lot of growing up during the past 5 years or so, but is still in its infancy. These devices are a prime target for cyber criminals, because they are typically deployed by an operations department rather than IT, making them inherently less secure. Many IoT devices lack proper monitoring, create backdoors to other systems and have no inherent security capabilities built in. Patching these devices is often rarely, if ever performed.
What Can Be Done to Protect Against New Cyber Security Issues?
When the bad guys get smarter the good guys must follow suit. Network segmentation, machine learning tools, onboarding automation and securing the cloud are the most important changes in cyber security approach that can be taken to ensure your organization doesn’t fall victim to the next generation of attacks.
Network segmentation boosts security by splitting your network into subsegments, containing activity to a local network not visible from the outside. A high-level example would be splitting web servers, database servers and user machines into their own segment to ensure an attack is isolated if it occurs. Payment Card Industry (PCI) standards recommend clear separation of data within a network, separating where payment cards are authorized from out of service systems and customer Wi-Fi traffic.
Cyber criminals are increasingly using machine-based learning tools to their advantage and you should too. A machine can evaluate large pools of data and identify abnormalities much faster than the average person.
Automating How IoT Devices are Onboarded
When new technology becomes attached to your network, ensure the IT, security and operational teams are all on the same page. Ensure that devices are only connecting to others they need, so if a breach were to occur it won’t impact other systems.
Ensure Your Cloud is Protected
Whether you are storing data on or off-premise through a cloud server, a cloud security platform should always be your first line of defense.
Partner with ThrottleNet to Evaluate Your Technology
As cyber security threats continue to evolve, your business can’t afford any margin for error. As a full-service IT provider, ThrottleNet will understand the nuances of your network, connected technology and ensure you’re always protected from the latest cyber security vulnerabilities.