Ever since Edward Snowden revealed the extent of state-sponsored espionage over the Internet in 2013 businesses have been acutely aware of just how vulnerable data communications are to being intercepted. It is no coincidence that in the same period cybercriminals have also stepped up their attempts to spy on organisations. For example, the use of Advanced Persistent Threat (APT) malware and ransomware to try to capture valuable financial or customer data for financial gain has risen dramatically. While no defense method is ever 100% impregnable the risk of snooping and theft of sensitive data can be significantly reduced by encrypting it using VPNs.
Cloud computing technology is fast becoming an attractive alternative to maintaining IT systems and applications on premise. In-house management and maintenance of IT is costly and resource-hungry. Small and medium-sized businesses in particular benefit from the way cloud services give them access to greater processing power and IT expertise than they could ever aspire to with the modest budgets and resources of their own. Cloud computing also provides an opportunity for large organizations to enjoy economies of scale for the high data volumes produced by the many and various devices, operating systems and applications they use.
According to the leading analyst firm Gartner Group over 50% of major new business processes and systems will incorporate some element of the Internet of Things (IoT) by the year 2020. The potential for IoT to revolutionize existing business models is very exciting. Industrial manufacturers are clearly in a hurry to capitalize on this virtual world of opportunities where new revenue streams flow from managing and servicing customers’ equipment remotely.
But before everyone gets carried away it is important to pause for a moment to consider how with the rush towards digitalization there is also a risk that IoT growth will outstrip cybersecurity considerations.
Organizations are being targeted by cybercriminals more than ever. According to the latest statistics from Symantec, 52.4% of phishing attacks in December 2015 were against small and medium-sized enterprises (SMEs). The month prior demonstrated an even bigger spike. The situation is forcing businesses of all sizes to augment their network and mobile security. Topping the list of improvements include the need for better threat intelligence and endpoint security.
Security information and event management (SIEM) systems provide a valuable tool to gather threat intelligence through activities logged from various applications and devices. The logs are then combined to create threat intelligence reports that can identify signs of unauthorized behavior. Because of their complexity, until recently SIEM systems were considered exclusive to those large enterprises with access to the sizeable budgets and resources required to maintain them.
It’s fair to say that organizations, particularly larger enterprises, are making more concerted efforts nowadays to invest heavily and quickly into cybersecurity. Just a few short years ago, businesses were content with treating cybersecurity as something frivolous, an optional add-on; a cyberattack couldn’t possibly happen to you, right? And yet, in a short amount of time, we’ve seen the rate of cyberattacks and data breaches explode, both in frequency and impact. Seemingly no one is outside the firing sights of hackers: enterprises, SMBs, government agencies, individuals; all are fair game and have been targeted without impunity.
That kind of fear has lit a fire under previously complacent organizations now looking to ramp up their cybersecurity game. But not all enterprises – and especially SMBs, which have comparatively fewer IT resources to work with – know exactly how to translate that urgency into action. They know they want solutions that are easy to use, easy to implement and get the job done – but where do you start? What’s ground zero for company cybersecurity?
Happy 2016! It’s a new year, and a time for fresh resolutions to improve your life over the next 12 months, whether that involves running a marathon, getting a new job or taking that trip abroad you’ve been putting off.
But for businesses, those New Year’s resolutions should be expressly focused on stronger security. With data breaches, email hacks and password thefts becoming more and more commonplace – and each cyberattack casting wider nets of victims – this is one resolution that can’t be allowed to fall through.