Top 10 trends to inform your cyber security strategy – part 1

Cyber crime is big business. Organisations are starting to take cyber security seriously, and a range of high-profile attacks and hacks in 2016 and the first quarter of 2017 have served to make cyber security a top priority.

In an effort to drive awareness, we’ve written a playbook highlighting the major trends in cyber security. Here are the first five of the top ten trends in cyber security from our playbook.

1. Organisations have to automate to keep up with the criminals

The major threat now faced by organisations comes from malicious code that is designed to find common security flaws across the Internet. Hackers are increasingly using automation to help them save time on routine tasks like brute-forcing user credentials. If brute-force attacks are being automated to try millions of passwords in seconds, and people only change their passwords infrequently, what chance do organisations have?

Administrative passwords are vital to security. Even if only one admin password is compromised, it can be exploited by criminal hackers to gain access to other areas of the network. Organisations should take control of privileged account management in order to reduce their attack surface and eliminate a criminal hacker’s ability to cause harm following a successful brute-force attack.

As well as investing in skills and recruitment, organisations should automate manual processes and use system analytics to minimise their exposure.

2. Breaches are getting more complicated and harder to beat

Ransomware is becoming more sophisticated. Criminals increasingly target organisations and individuals with so-called ‘ransomware’, which is malware that locks up data or websites so that a ransom can be demanded. Last year, criminals collected nearly a billion dollars in earnings from ransomware attacks.

Distributed denial-of-service (DDoS) attacks are also now being used in a similar way. Hackers target Internet-dependent businesses with DDoS attacks to block access to the company’s website and subsequently demand ransom payments.

Phishing attacks are becoming increasingly sophisticated. Cyber criminals focus on higher-value endeavours, including spear phishing attacks and other targeted methods, for greater reward. Cisco estimated that the profit from a spear phishing attack can be more than ten times that of an ordinary mass-email attack.

3. Firms need to toughen up on bring-your-own-device (BYOD) policies

The practice of employees using personal phones and tablets at work is already widespread, with the number of such devices forecast to hit one billion by 2018, as Juniper reports. The challenge presented to organisations by the BYOD trend is that it forces them to keep sensitive data safe on multiple devices and platforms that have different apps installed and are not directly under the control of the IT department.

In the report How to Avoid the Top 10 EMM/MDM Deployment Mistakes, Gartner said, “The single biggest mistake any organisation can make is to do nothing”. Instead, organisations should prepare to manage BYOD, reviewing which devices employees are most likely to use and ranking them on their manageability, availability of business apps, supportability and security.

4. There will need to be more security for the Cloud

Traditionally, cyber security architectures rely on network and application assumptions about static IP addresses and fixed perimeters. However, this approach doesn’t translate to Cloud environments. In the Cloud, security perimeters evolve constantly, resulting in new security gaps and a larger attack surface.

According to Cisco, 44% of operations security managers now see more than 5,000 security alerts per day. To address this challenge, organisations need to design a cyber security operation that identifies vulnerabilities and attacks in real time. This requires constant attention to keep cyber security threat detection tools up to date, patched and working in an integrated manner to keep pace with the increasing incidence, complexity and variety of global threats.

5. Organisations handling EU residents’ data will be concerned about the General Data Protection Regulation (GDPR)

The Regulation, which will be enforced from May 2018, helps to protect EU residents’ personal data. Under the GDPR, compliance will depend in part on having explicit and specific consent for the exact purpose for which data is held or processed. This means that organisations must identify all the personal data they hold and determine whether or not they have a lawful basis for processing it.

From May next year, organisations will need to ensure that data protection is embedded into their business-as-usual practices. Rather than treating it as a headache, organisations should view the GDPR as a catalyst for building state-of-the-art cyber security capabilities. It gives them an opportunity to reduce the possible entry points and vulnerabilities that are currently exposed to cyber criminals, and so reduce their overall attack surface.

LESSONS TO BE LEARNED: PART ONE

  • Detecting malware and other incidents as they happen can help organisations automate their cyber security defences.
  • Employees are the weakest link thanks to phishing and social engineering – security awareness training for employees is essential.
  • The evolving nature of the Cloud requires businesses to keep cyber security threat detection tools up to date.
  • Organisations should determine a BYOD programme to understand all applicable use cases where mobility will support the broader business and how to counter threats.
  • The GDPR will require organisations to identify key areas of risk in relation to privacy and information rights.

Keep on reading the next five trends here: Top 10 trends to inform your cyber security strategy – part 2.