Information Security Threats of Current Era

By Sam Abraham, Head - IS Compliance, Royal Sundaram General Insurance

2016 is probably the year of cyber risk. I say this because we are increasingly seeing a rise in incidents, each target with its own peculiarities, and attacks will continue to become more innovative and sophisticated. While organizations are developing new security mechanisms to protect their frame, cybercriminals are cultivating new techniques to evade them. Organizations should have the flexibility to withstand unexpected, high-impact security events.

The six Information Security threats dominating the current era are:

1. Cybercrime: Cybercriminals use 21st-century tools to invade 20th-century systems. We are seeing more collaboration among cybercriminals to create a higher degree of competency. Online extortion will be more prevalent in the coming years.

A strategist at a leading security company says, “Every minute, we are seeing about half a million attack attempts that are happening in cyber space”.

The leading Cyber threats are:
a. Ransomware attacks: Of these, crypto-style ransomware is especially rampant; the victim’s data disks are encrypted and a huge ransom is demanded to decrypt them.

b. Zero-day vulnerabilities: On average, a new zero-day vulnerability was discovered each week.

c. Personal record loss: It has been estimated that more than half a million personal records were lost in 2015.

d. Spear phishing campaigns targeting employees increased drastically.

e. Rogue governments use terrorist groups to launch cyber attacks.

The difficulty here is that the expanse of such threats is so complex that no single solution, or even a few multi-shot solutions, can mitigate them.

2. Threat from Third Party Providers: Starting with cost reduction as the reason, more and more organizations outsource their services and support to third parties. This leads to an increased risk of confidentiality, integrity or availability being compromised. In the coming years, third-party providers will continue to be a target for attackers. To reduce or mitigate the risks, organizations should primarily look into the third party's capabilities to withstand risks like:
a. Natural disasters
b. Cyber attacks
c. Data breaches
d. Corruption
e. Supply chain disruptions.

3. Social Media, Mobility, Analytics and Cloud (SMAC): SMAC as a whole continues to be a threat. As organizations progressively embrace these technologies and absorb them into their core business activities, it is very important to make sure they have implemented the following controls:

a. Create a comprehensive security strategy that accounts for all the elements of SMAC
b. Develop a SMAC security policy that covers all areas of the organisation
c. Deploy cross-domain solutions for security.

4. BYOD (Bring Your Own Device): A large number of organizations are asking their employees to bring their own stuff, whether a device or an application. Threats include mismanagement of devices and manipulation of data or software. Keep in mind that bringing in such technologies without investing in security and implementing it effectively will be BYOD (Bringing Your Own Disaster!).

Challenges organisations usually face: 

a. The right of users to leverage the capabilities of their personal devices conflicts with enterprise mobile security policies and increases the risk of data leakage and the exploitation of vulnerabilities.
b. User freedom of choice of device and the proliferation of devices with inadequate security make it difficult to properly secure certain devices, as well as to keep track of vulnerabilities and updates.
c. The user's ownership of device and data raises privacy concerns and stands in the way of taking corrective action for compromised devices.

Areas that need focus are:
a. Create the policy before bringing in the technology
b. Separate corporate and personal data and monitor the usage
c. Put in place effective device management with comprehensive threat protection
d. User education

5. People: Any organization's greatest asset is its people, and they also have the maximum access to its systems. This continues to make ‘people’ the most vulnerable targets, and there won’t be any change in this in the coming years either.

Areas to concentrate on for user awareness are:
a. Establish a minimum security awareness level
b. Organization-wide regular user awareness programs, which could include induction programs, classroom-style training, security awareness websites, helpful hints via email, information security online reading rooms, quiz programs etc.
c. To make these programs effective, it is very important to link this training to employee appraisals and performance and to assign awareness levels to employees as per their categories.

6. Internet of Things (IoT): More and more devices are getting connected to the internet. It is estimated that more than 25 billion devices will be connected to the internet by 2020. IoT devices and embedded systems are the core of IoT’s popularity, but unfortunately security is not. Every sensor added to a device can be a benign data point, and many of them share confidential information. How configuration management is assured for these devices makes all the difference.

Following are the major IoT risk areas we should consider:
a. Modular hardware and software management
b. Denial of Service (DoS) attacks
c. Identifying and implementing security controls
d. Vulnerability management

It is important to remember that technology cannot solve all our problems; it can only replace them with more challenging ones.
