Hundreds in Cybersecurity Industry Weigh in, Name These 5 Risks as Top Concerns
In 2018 HelpSystems surveyed more than 650 IT and cybersecurity professionals worldwide to learn what’s keeping them up at night when it comes to the ever-changing threat landscape and the requirement to safeguard corporate information assets. As always, there’s a need to balance security with efficiency and not add insurmountable barriers to employees’ workflows. There’s also an ongoing lack of skilled in-house security resources for many businesses. Given these and other considerations, below are the top five cybersecurity exploitations respondents identified in order of perceived impact.
Ransomware appears frequently in the headlines (remember WannaCry?), making it top of mind for most IT professionals charged with information security. Not only can an attacker use this type of program to gain access to your infrastructure and seize information assets, but there’s no guarantee you’ll ultimately regain data or system access even if the ransom is paid. In fact, your data could be destroyed or made public. Damages related to this type of attack can be astronomical when you factor in lost productivity, a negative brand image, or customer attrition.
Most of these types of attacks begin with some type of phishing email (see #2 below) that gives outsiders some initial footing within a company’s infrastructure, thus enabling them to propagate whatever malware they wish to use to infect the environment. If your business doesn’t have a sufficient level of security across all systems and networks (or the monitoring capabilities to detect an intrusion), it’s much easier for the outsider to use this point of entry as ground zero for spreading an infection or searching for sensitive information which it can then lock down until you pay the ransom.
“Phishing attacks have certainly become more focused—and more intelligent,” says Robin Tatam, Director of Security Technologies for HelpSystems. Back in the day, everyone would laugh at grammatically challenged emails promising the reader their portion of millions of unclaimed dollars if they clicked a link to get their share.
Today these attempts are far more nuanced and targeted, with emails appearing as legitimate communications. Now attackers can use information obtained from one breach to generate a secondary breach that leverages this intelligence. Employee security training can educate users on how to spot and avoid clicking on this type of dangerous entrant in their inbox, potentially saving your business from a disastrous situation.
3. Weak/Stolen Credentials
Far too often, companies fail to require complex passwords and frequent rotation/renewal of those passwords as a vital step in their cybersecurity measures. Additionally, credentials can be uploaded to cloud environments by mistake (or on purpose), making them available for discovery. Even more discouraging is the knowledge that many people continue to use the same password for their company network login and for social media and even banking sites. It’s a veritable hacker’s paradise to discover one compromised set of credentials works to access multiple accounts.
Luckily, new industry regulations and privacy laws are forcing companies to take a stronger stance when it comes to password complexity and refreshes. Weak credentials are an easily spotted corporate liability that will no longer be acceptable. Ongoing user training is also important to educate employees on how they should approach credential creation for accounts outside your organization.
4. System Misconfiguration
Server misconfiguration, particularly for cloud servers, has been the cause of many accidental information disclosures as well as malicious breaches. Improper system configuration can occur by accident when a poorly trained administrator makes a mistake and botches code. The problem occurs when databases or files are inadvertently left open to the public, ready for a hacker to find them and exploit their contents for their own monetary gain.
High-profile issues related to misconfiguration have plagued well-known companies including Verizon, AWS, and Scottrade Bank. Sometimes issues stem from poor security practices of subcontractors or third parties, underscoring the importance of making sure all business partners enforce a certain level of security monitoring and best practices. “It’s getting to the point where we really need to automate as much as possible to take the onus out of the employees’ or users' hands,” says Dan Freeman, HelpSystems Senior Solutions Consultant.
5. Unsecure File Transfers
Information can move around the globe at lightning speed, which is about how fast it can be intercepted if you’re not careful. Some companies forgo secure file transfer methods thinking the data they’re sending isn’t sensitive, so it doesn’t need to be protected. However, they often forget the entire connection is in the clear when using FTP, which means server credentials can be accessed and used to gain unauthorized entry into other parts of the business.
Transferring files both internally among coworkers and externally with trusted business partners as well as customers should be done in a secure, methodical way that’s traceable from one end to another. Not only must the path of the file be visible at all points, but all users sending, receiving, and otherwise interacting with the information also need to be identifiable. Another part of protecting information throughout the process is encrypting data both at rest and in flight. This is a last line of defense in the event your information is stolen. Hackers would need the appropriate keys to make sense of what they’ve found.
Understanding the Risks
Knowing what you’re up against when it comes to common cybersecurity risks will take you a long way toward closing gaps in your company’s security posture. Hopefully you’ve got a new perspective on the importance of addressing some of these issues.
Find out with a free virus and malware scan.