Cybersecurity is an important area of focus for companies of all sizes. Whether you’re a large enterprise or a small-to-midsize business, the likelihood that you - or someone on your staff - could fall victim to one of these threats is pretty high. This particular list includes things that I believe you are likely to encounter. Be informed and be proactive; knowing what’s out there helps you formulate a fast, proper response when you experience an attack or breach.
Ransomware, designed to disrupt business operations, experienced a strong resurgence in 2019. Today we are even seeing organizations that are offering Ransomware as a Service. I expect ransomware attacks to continue to increase in 2020. According to Ponemon, the average cost of a cyber attack now exceeds $3 million. The financial risks associated with business interruptions include direct revenue impact, lost productivity, and recovery costs. Organizations are also impacted by issues with customer and partner relationships and brand reputation, as well as legal and contractual issues.
Domain Name Server (DNS) spoofing is a cyber attack that uses altered DNS records to redirect online traffic to a fraudulent website - tricking people into entering data into the false/look-alike site. Personal data can then be used to gain access to a victim’s banking or credit card accounts. Unfortunately, it’s as easy as clicking on a malicious link disguised as something legitimate, such as your bank or a popular shopping site. Threat actors can also distribute malware via a spoofed DNS.
Phishing and Social Engineering
Malicious actors have become very adept at social engineering. By gathering information on their victims (including information about their families, their hobbies, their shopping tendencies, and their businesses), bad actors are able to design carefully crafted emails that fool the target into clicking on a malicious link - allowing the attacker access into a network. A recent report from Webroot indicates that nearly a third of phishing pages are using HTTPS and nearly a quarter of malicious URLs are hosted on trusted domains. These are all methods that are being used to increase the rate of breach success.
Third-party data breaches are at an all-time high. There is a growing awareness that third-party cyber risk must be managed. While third-party vendors provide much-needed services and offer solutions to a variety of challenges, they also pose a security risk to your organization. Bad actors penetrate computer systems and use the data found there to launch social engineering or phishing attacks against an organization. You are always as vulnerable as your weakest attack point - often that is a supplier or small vendor.
Mistaking Compliance for Protection
Compliance sets a minimum standard for security. It is possible for an organization to check every box on a list of compliance regulations and still get hit by malware, ransomware, or any other type of cyber attack. Generally speaking, government regulators and standards move at a very slow pace, while attackers and threats undergo rapid changes daily. This sets many organizations up with a false sense of security. Mistaking compliance for security is a costly mistake that we see all too often.
Bring Your Own Device (BYOD)
Between the increasing sophistication of threats and threat actors and the growing number of personal devices used in the workplace, a BYOD policy is an important part of your security program. This policy should establish minimum standards to consistently and effectively manage the use of personal mobile devices as well as describe mobile computing management roles and responsibilities. What is the appropriate use of personal devices? Who does the employee contact upon losing a device? It’s important to have rules and procedures so that no one is left guessing.
Take A Multilayer Approach
Your best defense is a multilayer approach to prevention and risk mitigation. Managed Security Service Provider (MSSP) monitoring services, network security solutions, SIEM correlation tools and endpoint detection and response (EDR) are all extremely important in the identification of active attacks by these fast-evolving threats. However, actions taken by retailers and other third parties are also critically important. You need to be aware of your entire network and be vigilant about maintaining security across your environment.