The IT security landscape is evolving rapidly. Here’s what you can expect.
Hackers are moving far beyond phishing to stage sophisticated attacks against mission-critical assets. From your mission-critical enterprise resource planning (ERP) applications such as Oracle and SAP to your industrial control systems, nothing is off-limits.
Meanwhile, governments, such as the European Union and the state of California, are implementing strict data privacy regulations. This new legislation puts increased pressure on companies to safeguard their IT systems and ensure the privacy of customer, employee, and vendor data.
Failure to comply can result in penalties that have a significant impact on your business. For example, General Data Protection Regulation (GDPR) fines can amount to €20 million or up to 4% of the annual worldwide turnover of your preceding financial year, whichever is greater.
Most enterprises feel unprepared to deal with these changes. In fact, 51% of organizations do not believe they are ready for or would respond well to a security breach.
7 cybersecurity topics you should address
As you plan your cybersecurity initiatives, here are seven threats you should consider today.
Operational technology systems
Attacks on operational technology (OT)—the equipment that powers industrial control systems—are on the rise. The State of Operational Technology and Cybersecurity Report4 revealed that 74% of OT organizations experienced a malware intrusion within the past 12 months.
Respondents to the survey cited many impacts from these breaches, including “a reduction in safety, productivity, and revenue, the compromise of business-critical data, and damaged brand reputation.” The primary driver for these attacks is a lack of visibility, as 78% of respondents only have partial insight into the cybersecurity of their OT environments. It is challenging for IT teams to gain a complete picture, as OT equipment—such as valves, engines, and production systems—can fall outside of their traditional realm.
Internet of Things (IoT) vulnerabilities
Enterprise and automotive IoT devices range from robots on manufacturing floors to connected microwaves in office kitchens. They also include personal devices such as fitness trackers and smartwatches.
In fact, 30% of enterprises even reported that gaming consoles, such as Xbox or PlayStation, connect to their networks. As IoT devices expand throughout organizations, IT teams are often unaware of how many are accessing their networks and who is using them to do what.
All respondents found rogue IoT devices, and 90% saw previously undetected IoT wireless networks that were separate from their enterprise infrastructure. Third-party IoT also poses a risk, as IT teams often have little control over these devices.
A Ponemon Institute study found most organizations aren’t aware of every unsecured, third party IoT device or application on their network. The study revealed that 49% of enterprises do not regularly scan for IoT devices in their workplace, while just 8% say that they scan in real-time.
With shadow IoT and limited visibility, it’s not surprising that 67% of enterprises have experienced a security incident with managed IoT devices. In fact, 84% of IT leaders tell Forrester that their IoT devices are more vulnerable than their corporate-managed computers.
Ransomware attacks have increased sharply, according to a Malwarebytes Labs report. The rate of detection in businesses rose more than 500% between 2018 and 2019. In 2020, more threat actors will launch two-stage ransomware campaigns against corporate networks to exfiltrate sensitive data.
If your company is hit with a ransomware attack, you can face a number of consequences. Your risks include:
- Lost productivity and revenue if critical systems go down during an attack.
- Brand and reputational damage after you tell customers that their data was compromised.
- High costs. The average ransomware payment costs $84,116—up from $41,198 just one quarter ago.
Many companies don’t have the right tools and resources to block threats.
Experts believe that traditional anti-virus solutions are no longer enough to protect you from attacks. These old-school tools can’t keep pace, especially as ransomware becomes harder to detect and the number of users in your company increases dramatically.
A report from the SANS Institute stated that anti-virus solutions only catch 47% of compromised endpoints. To protect your data, look for an endpoint protection solution that covers all areas of your network and identifies threats in real-time.
Did you know that 64% of SAP and Oracle EBS deployments experienced breaches in the past 24 months?
The information compromised during these breaches includes sales data, human resources data, customer personally identifiable information, intellectual property, and financial data. The theft of your company’s most sensitive data can lead to dire consequences—from compliance violations to financial loss to bankruptcy.
However, many companies are not prepared for an ERP breach. For example, they may run their ERP systems on dated legacy technologies that aren’t secure. In fact, 82% of executives said that legacy technology supports critical parts of their business and integrates with their core systems, according to a recent survey.
Unlike a good whiskey or wine, technology doesn’t improve with age.
The longer you rely on legacy systems, the more risks you face. Most legacy technologies are so old that the manufacturer no longer supports them. They also aren’t updated or patched regularly. This neglect creates security gaps that can expose your sensitive, ERP data to cybercriminals.
Every year, more companies move their mission-critical workloads to the cloud and grapple with the new security challenges that come with it. 19% of enterprises have experienced a cloud breach in the previous year—an increase of 7% since 2017, according to the SANS Institute.
A Cloud Security Report found that enterprises’ top five cloud security threats include:
- Unauthorized access
- Insecure interfaces and application programming interfaces (APIs)
- Misconfiguration of the cloud platform
- The hijacking of accounts or servers
- External sharing of data
The consequences of a cloud data breach vary, depending on the type and amount of data that hackers steal. However, it can include the publication of employee, customer, and proprietary data on the dark web. Once your data escapes your control, you must react quickly to limit your brand and financial damage.
Cloud services are often safer than legacy systems. However, you can’t rely on your provider to handle every aspect of your security out-of-the-box. You also can’t trust your legacy security tools to work in the cloud.
Cloud security shared responsibility model
Many organizations that migrate their onsite data storage facilities to the cloud quickly fall prey to the age-old adage “out of sight, out of mind.” While cloud providers certainly bear the brunt of infrastructure security responsibility, they’re not responsible for protecting data within the cloud. This may sound illogical to the companies using cloud providers, but the cloud shared responsibility model clearly delineates security obligations between both parties. When maintained correctly, this model should keep companies more secure than ever.
Why does it seem like a new data breach captures headlines every other day?
A fundamental misunderstanding of security responsibilities — and how to manage them — leaves companies vulnerable to cyber threats. In this model, cloud providers are responsible for securing cloud infrastructure, including hardware, software, networking and facilities. Cloud customers, on the other hand, are responsible for securing the data they put in the cloud, which includes endpoints, accounts and access management.
Think of the cloud shared responsibility model like sending your kid to school. The school system, representing the cloud provider, is responsible for securing and maintaining the building your child attends. But as the parent (the cloud customer), you’re still ultimately responsible for caring for your child. If your kid (the data), misbehaves or contracts a virus, it’s your duty to tend to them. When we all do our part, the system works smoothly and all sides benefit.
How will you address these threats?
Most organizations are drastically unprepared for cyberattacks, which are only increasing in scale and sophistication. As you move forward with your IT security strategy, consider whether it will protect you from the threats mentioned above. If not, you may need to put additional resources in place to safeguard your company.
Organizations think cloud service providers are the ones responsible for securing their data in the cloud. This misunderstanding has critical repercussions. The Equifax data breach exposed the personal information of around 150 million Americans, or nearly half the nation’s population. In this case, Equifax ignored warnings from the Department of Homeland Security that its database was vulnerable to attack. Poor data governance practices, including an encryption certificate renewal lapse, password storage in plain text and a failure to patch a known vulnerability, all contributed to the breach.
Take ownership of your data
Once you understand the cloud shared responsibility model — and your role in it — you can take the necessary steps to better protect your company’s data.
- Establish strong vendor relationships: Even though your data is ultimately your responsibility, you don’t have to navigate the complexities of cybersecurity alone. Poor communication is likely a major contributor to the misunderstandings surrounding the cloud shared responsibility model. A good cloud partner should be open, communicative and responsive.
- Prioritize compliance: Likewise, look for a trusted, industry-vetted cloud provider. Only 16% of cloud services have one or more third-party certifications such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), SOC2, SOC3, or SSAE16.
- Staff up: Even though many C-suite information security leaders know data protection is their responsibility, 30% of companies lack the staff needed to secure their SaaS applications. Other organizations are entirely unaware of their security duties — and the required staff and resources to manage them.
- Educate employees: One in five network security managers think cloud providers are responsible for securing their organization’s data. Employees frequently open up back doors for hackers by engaging in shadow IT practices, a massive security risk for companies.
- Offload more of the burden: In addition to taking on cloud infrastructure security, many cloud providers offer other security services for greater protection. Look for partners with data monitoring, management, and recovery services to reallocate some of your enterprise security responsibilities.
What’s the difference between a risk and a threat?
It is important to really understand the difference between a risk and a threat. A risk is something you are not doing. A threat is something that can exploit that risk. You should make sure you know the top cybersecurity threats and minimize your risks to those threats.
Learn more about cybersecurity threats
To learn more about protecting yourself from today’s cybersecurity threats, get your copy of The Ultimate Guide to Enterprise IT Security.
You can also contact us today to discover how we help you with your cybersecurity efforts.