- With so many companies reporting cyber intrusions and a lack of confidence in IT security, it’s a great time to make sure that your company is protected.
- Attacks are getting more disruptive and costly as they target sensitive information and reduce productivity.
- Changes to how technology is used are contributing to growth in cybersecurity threats.
Every company is a target, no matter its size, function or annual revenue. Security risks come from every direction – malware, social networks and even employees. Every company has information worth protecting, and you owe it to your users to keep every byte safe and secure.
The increased attention from corporate America and the federal government has helped transform cybersecurity from a niche area to a key growth sector that is likely to receive a larger and larger chunk of private and public sector budgets. In 2012, the 56 companies in one study experienced 1.8 successful attacks per company per week, an increase of 42% from the previous year. Yet only 19% of companies say they are “very confident” in their security defenses.
With so many companies reporting cyber intrusions and a lack of confidence in IT security, it’s a great time to make sure that your company is protected. Here’s what to consider.
1. Threats Get More Common and Malicious
The past five to six years have seen the growth of threats like spam, phishing, malware and malicious websites. While those threats continue to grow, new ones are also being added to the mix. Attacks are getting more disruptive and costly as they target sensitive information and reduce productivity.
The threats are so malicious that even the United States military is on the offensive. The chief of the military’s newly created Cyber Command is establishing 13 teams of programmers and computer experts who could carry out offensive cyberattacks on foreign nations if the United States were hit with a major attack on its networks.
Some of the newest threats that target companys and the government include:
- Advanced Persistent Threat (APT) – These attacks combine social engineering and malware to target a specific entity and steal trade secrets, customer data or other confidential information. APT attacks increased 42% overall in 2012, with a significant increase against small businesses.vi
- Denial of Service (DoS) – DoS attacks are created to make a machine or network resource unavailable. Recently, computer resource-reliant call centers have come under attack with a new version of DoS – TDoS, which floods telephone lines at a call center with repeated calls from spoofed numbers.vii
- IPv6 Protocol Threats – The latest revision of the Internet Protocol, IPv6, has become a new target. Cybercriminals are finding ways to exploit vulnerabilities in the protocol and areas where system administrators left openings during their transition from IPv4.viii
- Mac-targeted Malware – The popularity of iPhones and iPads has helped fuel the laptop market, and the MacBook market share has steadily grown. That success has created a viable target. In April 2012, 600,000 Macs were infected with the Flashback Trojan.
- Promote Your Business – 3 Articles in 100 Languages for $149
- 3(21) Investment Advisor – Fiduciary Services – Flat Fee of $50 / Hour of Consulting
- A beautiful, well-written article that seamlessly promotes your business
- Professional Fiduciary Services – $100 for 2 hours
- Publish 3 Press Releases Over 2 weeks for $21
- Publish 2 Press Releases for $16 – Best PR Deal on the Internet?
- Publish Your Press Release on Google & Communal News for Just $11!
- Social Media Management – Business Brand Basic Package
- 401k Plans Fiduciary Review Services – 4 Hour Consult
- Build 5 Page WordPress Website for only $199
2. Changing Technology Drives Threats Up
Changes to how technology is used are contributing to growth in cybersecurity threats. Cloud computing, mobile devices, Internetbased applications and social networking have become major security concerns. This interconnectivity of devices, systems and users creates virtual highways for threats to spread.
While mobile computing and “bring your own device” (BYOD) have many advantages, the lack of corporate ownership and control adds to the security challenges. Mobile attacks are increasing, and 32% of all mobile threats steal information. A lost or stolen device is a common mobile security incident, and thefts of smartphones in major cities have become a national crime epidemic.
Cloud computing is convenient, but it presents additional risks. When a company uses a cloud provider, it leaves data protection in the hands of someone else. Even if the cloud provider has platforms that are more secure than the company that uses it, the provider may be a more desirable target of cybercriminals because of the high volume of data the cloud provider manages.
As business gets more social, security concerns rise. Users may view a social site as a safe place, but spammers and cybercriminals take advantage of that trust to launch attacks. They’re finding new ways to introduce malware and viruses through shortened URLs that appear to come from a friend, corrupted applications and malvertising. Some of these bring worms and Trojans onto a system and can create a serious corporate threat.
3. Integrated Solutions Manage Threats
Companys can secure the data they protect by employing a wide range of tools. It’s important to realize that it takes more than one tool to protect sensitive data.
Together, the right set of tools can help win the war against IT security breaches:
- Security Awareness Training – While technology tools can help with IT security, employee education plays a major role as well. Companies should provide education and training while enforcing policies to mitigate human error. Employees are the root cause of many data breaches, with over 78% of IT security practitioners saying negligent or malicious employees or other insiders were responsible for at least one data breach within their companys over a two-year period.
- Mobile Device Management (MDM) – Monitoring and managing mobile devices can help protect devices and the data they hold with location tracking, selective wiping and built-in reporting.
- Patching – Keeping systems up-to-date with current patches is the key to keeping vulnerabilities at bay.
- Antivirus & Anti-malware – McAfee catalogs more than 100,000 new malware samples every day, which translates to about one new threat every second. This only reinforces the need for integrated, real-time protection against zero-day attacks.
- One View For All – Developing a unified view of all endpoints, including mobile devices, is key. The easiest and most efficient way to do this is with a single underlying framework.
4. Add Value With Security Solutions
Security is a critical function for any company. IT departments need to make sure they have a comprehensive security solution. Your company cannot afford to be down for any amount of time, so IT professionals need to choose the right solution to avoid downtime for their company.
When seeking an IT security solution, look for one that:
- Integrates with your client management platform and allows you to manage multiple solutions and brands from a single-pane-ofglass.
- Provides double protection from viruses and malware. An on-demand second opinion scanner can detect and remove Trojans and rootkits found deep inside an operating system.
- Not only protects email accounts from spam and viruses, but provides hosted email services for email archiving, e-discovery, recovery and business continuity
- Provides a comprehensive patch management solution that is easy to implement. It should immediately begin auditing, patching, documenting and billing updates of third-party applications.
As security threats grow and become more malicious, the risk of security breaches becomes even more serious. Keeping up with the threats and methods of protecting sensitive data places a huge burden on IT departments.
When choosing the right platform, look for a wide range of security solutions, so you can provide your employees with comprehensive, efficient and effective protection and management.