In 2015 companies faced attacks from every possible angle: real world terrorist organisations, nation states, hacktivists, organised crime, insiders and in some cases, their very own governments, writes Justin Harvey, CSO at Fidelis Cybersecurity.
The biggest headaches enterprises faced involved securing their company data and infrastructure. The sheer volume of data being collected grew and overwhelmed network security teams, particularly those charged with combing through sessions of full packet captures. The traditional network perimeter also continued to erode as organisations moved to the ‘cloud’. This caused many companies to race towards endpoint solutions to put something other than anti-virus on servers, workstations, laptops and tablets. The battle for the endpoint will continue to heat up through 2016 as more and more companies realise that taking a preventative approach to breaches is fraught with risk. Also, the rise of cyber legislation, as lawmakers attempt to tackle encryption and access issues, means that there will be an increasing amount of best practices to adhere to. Below are five top tips on how to prepare for the 2016 cyber threat:
Expect organisations to embrace encryption: The extent to which data threats should be considered real – or can be dismissed as hype – will largely depend on the security precautions taken by enterprises. At an absolute minimum, data must be encrypted while it is at rest or in transit. Recent incidents, such as the TalkTalk breach, demonstrate how a lack of encryption can expose vulnerabilities enabling an attack.
Prepare to shore up the endpoint: The network perimeter is rapidly disappearing – as phones, tablets and cloud computing replace traditional PCs and on-premise servers. Bring-your-own device policies and the ubiquity of cloud services keep files encrypted between users and cloud networks, and increasingly hidden from IT – creating security gaps that are ripe for attacks. In 2016, enterprises must evaluate their cloud service policies, monitoring strategies, and endpoint detection and response capabilities. They will continue to improve how they classify the sensitivity of their information, better understand where it resides within the network, and secure and monitor all endpoints.
Expect increased cyber-related legislation. We watched lawmakers rush to enact legislation around the classification of sensitive data, sharing of cyber threat intelligence, consumer privacy issues, and breach notification. We’ll continue to see encryption topics making political headlines. Expect ongoing interest by both central government and local authorities to obtain backdoors into devices and user communications. The data broker industry will face greater scrutiny. Just a few years ago, a typical data broker collected an average of 40 data points per consumer. Today, these companies gather up to 1,500 data points. Expect a push toward a data broker governance law as well.
Anticipate discussions around the vulnerability of the Internet of Things: Manufacturers are jumping on the IoT craze by introducing both new and traditional products – from toys to lightbulbs to home sensors – with a connected twist. These new IP-equipped products make it possible to send telemetry data to the owner, back to the vendor, and even receive remote commands – a disturbing concept should access fall into the wrong hands. The burgeoning IoT market and mainstream adoption of connected technologies represent large security risks because most homes lack appropriate protection levels. Many new IP-enabled products cannot be secured, leaving them vulnerable to a variety of attacks (denial of service, exposed latent vulnerabilities, etc.). IoT devices and internet-enabled cars pose potential risks in causing bodily harm, as seen with the Jeep Cherokee breach.
Brace for bigger, badder breaches. Enterprises capture and retain data at levels unfathomable just a generation ago – making them an attractive target for cyberattacks. In 2015, we witnessed organised crime syndicates and nation states hit government, retail, healthcare, and financial services companies, grabbing sensitive data on millions of people. Look for more large-scale attacks to continue – resulting in higher losses of personal and proprietary information.
Attacks will focus on both the public and private sector. Cyber criminals will set their sights high, zeroing in on industries that hold vast amounts of valuable company and consumer data. Global corporations and governments – especially those involved in defence interests – will be in the crosshairs of state-sponsored espionage actors. Expect additional breaches designed to embarrass or enact retribution, as we saw with the Ashley Madison breach.
