June 1, 2018
11 New Cyber Threats – No More Band Aid Strategies
We are in the midst of a car wreck in terms of security attacks and many companies are treating their wounds with band-aids. Without a cohesive cyber security strategy to address the changing cyber security threat landscape, there is no hope of avoiding a disaster.
11 Changes to the Cyber Security Threat Landscape
- Criminals are attacking businesses of all sizes, so no one is safe. Fifty-eight percent (58%) of breach victims are small businesses, and the attacks are generally financially motivated.
- Security breaches are caused by a wide variety of attack methods. Top attack methods include: 1) hacking including stolen credentials, 2) phishing, 3) malware (including ransomware), 4) errors as a cause, 5) social attacks, and 6) access privilege misuse.
- Attackers live for months within your network once it is breached, enabling them to implement whatever scheme they desire. Protection solutions alone are not adequate and detection methods are frequently inadequate.
- Targeted attacks against your most valuable people are on the rise and enabled by AI.
  - Spear phishing attacks are targeted attacks against your highest-value users. Four percent (4%) of people will click on any given phishing email campaign. Phishing is almost never reported by employees, so other methods are needed for detection and blocking.
  - CEO fraud leverages social media, email communication, and other public data to attack your high-value processes. Criminals learn who your key people are, how they communicate, what you have of value, and how to perpetrate low-visibility, high-success-rate attacks.
  - AI-based attacks are beginning and will harvest social and other data to target your weakest links. Customizing attacks to evade your security will require a dynamic security environment.
- Advanced malware continues to morph at a high rate that is uncatchable by conventional antivirus solutions. Ransomware is found in nearly 40% of malware. Email is normally the way in.
- Online cyber-attack kits put the latest cyber-attack technology in the hands of people with criminal motivation but without the technical skills to launch their own attack.
- Identity theft is rampant. That means that access to online accounts and corporate networks is frequently available through stolen passwords. Why hack into systems when you can just log in?
- Errors are at the root of nearly 20% of breaches. Protecting against errors requires a well thought out security plan. Twenty-eight percent (28%) of breaches are caused by internal people. Internal actors causing breaches most often include system administrators and end users.
- Trusted 3rd parties often have access to key data and systems. 3rd parties are hard to control and pose an authorized external threat to whatever systems they can access.
- Everyone has a website and web applications are one of the top breach targets in recent cyber surveys. Most companies do not adequately protect their web servers, web applications, and content management systems.
- Emerging IoT and Mobile attack targets make protection difficult with traditional security.
  - IoT devices use a multitude of embedded systems with no standards. Vulnerabilities are different on each device.
  - Wireless mobile devices provide multiple vulnerabilities. Many get lost or stolen and have little or no data protection. Most have access to company Wi-Fi networks, often with few controls.
10 Implications for Your Cyber Security Strategy
- Assess your risks and define your gaps. 3rd party risk assessments can do that.
- Define a security plan and allocate your budget to address all prioritized gaps. Don’t overspend on one solution and ignore another.
- Utilize 3rd party security experts to assess risks and to help manage your security. Unmanaged security is no better than zero security.
- Static solutions won’t hack it. Attacks are increasingly dynamic and AI attack tools have the ability to target your weak links.
  - Solutions include: a) AI/machine learning, b) behavior-based, c) multi-sourced integrated threat intelligence, d) sandboxing, etc.
- Monitoring and threat detection solutions are necessary to catch what does get past your defenses.
  - Solutions include: a) SIEMs & SIEM monitoring services, b) security product specific monitoring, c) AI/ML-based network and endpoint monitoring.
- Use multi-factor authentication (MFA). Access control is a top security hole.
- Encrypt and protect your data using data protection solutions. Don’t leave key information exposed on servers, laptops and in communications.
- Use integrated security solutions that share threat intelligence.
- Protect your website and web portal (if you have one). Web applications often provide access to your network and data.
- Train your people. Properly trained employees have the ability to avoid many complex attack methods (using “real intelligence”). Regular training, including phishing simulations, creates ongoing awareness.
Contact Us – eSecurity Solutions can help you with your Cyber Security Strategy:
- Assess your risks, prioritize your security gaps and define a compliance level cyber security strategy
- Define an Adaptive Ecosystem security strategy
- Become regulation compliant
- Implement and Manage your security
- 2018 Data Breach Investigations Report