Top 5 Information Security Forecasts
Let's face it, the past year has been terrible for cybersecurity, with a huge amount of phishing attacks, ransomware viruses, etc. I wonder if 2018 will be better?
Many world-class experts predict an increase in the number of attacks. They believe that new, complex methods will be developed with more devastating consequences.
The network has hundreds of predictions in the field of IT security, we have narrowed the circle and collected for you the top 5.
Ransomware is malware designed to extort. The use of the ransomware virus will be a widespread method of attack in 2018. For criminals, it is one of the easiest ways to get money, mostly from companies that use outdated systems that can be easily cracked.
')
Hackers will think up such attacks using Ransomware, which are more difficult for security products to remove. Instead of simply launching malicious files on your computer that can be detected by antivirus software, they will use code that at first glance seems legal, because it works in programs such as Microsoft Word.
Possible solution: First, update the system, because old systems are most vulnerable to such attacks. Secondly, you can create a backup in the cloud or on external devices, which will ensure the safety of your data.
Internet of Things (IoT) or in Russian The Internet of Things is the concept of a computer network of physical objects equipped with technologies for interacting with each other or with the external environment, excluding the need for human participation from some actions and operations.
The growing interconnection of devices, from mobile devices to vehicles and household appliances, increasingly complicates information security.
In a recent poll by AT & T Cybersecurity Insights, almost 1/3 of the participants called IoT attacks one of the main problems of our time. As long as smart devices appear on the market without security rules, the number of attacks will only grow. Since not all modern data processing technologies guarantee comprehensive control. An increase in the number of DDos attacks is expected, taking advantage of the vulnerability of IoT devices.
To avoid potential attacks on IoT devices, you should evaluate all possible risks and create an effective protection strategy.
With strict regulations, such as the General Data Protection Regulations and the NIST SP 800-171 Special Publication, which have recently entered into force, companies need a deep awareness and understanding of their data.
To avoid fines and penalties, companies will seek to abide by the rules, despite their unwillingness to do so.
Possible solution: Find and fix weak spots.
Most businesses focus on external threats from hackers. But we should not forget that your own employees, most often become the cause of the violation - often improperly handling data or acting carelessly. Due to the fact that most companies do not take the internal risks seriously, this is a huge threat to data security and confidentiality.
According to the Harvard Business survey, the role that insiders play in corporate vulnerabilities is huge and growing. IBM's “2016 Cyber ​​Security Intelligence Index” report showed that 60% of the attacks were carried out by insiders, 3/4 of which were the result of malicious intent, and 1/4 - an error.
Possible solution: Using employee monitoring software that can determine which security policies are violated and which employees. Tracking tools reduce internal risks by analyzing employee behavior trends. They also allow you to write rules that prevent dangerous behavior of employees, for example, sending confidential information via e-mail or printing confidential records.
Still, too many companies are using simple cybersecurity response methods, taking action only if they are violated. However, companies have already begun to realize the risks associated with the use of outdated systems and firewall security restrictions.
A possible solution would be to use proactive prevention strategies, such as monitoring and analyzing data.
After we have witnessed large-scale attacks against companies and various institutions everywhere, it is important to understand how we can protect our privacy and security on the Internet.
In 2018, to protect themselves from malicious attacks, companies should pay most attention to software updates, as well as review information security principles.
Many world-class experts predict an increase in the number of attacks. They believe that new, complex methods will be developed with more devastating consequences.
The network has hundreds of predictions in the field of IT security, we have narrowed the circle and collected for you the top 5.
1. Expected increase in use of Ransomware
Ransomware is malware designed to extort. The use of the ransomware virus will be a widespread method of attack in 2018. For criminals, it is one of the easiest ways to get money, mostly from companies that use outdated systems that can be easily cracked.
')
Hackers will think up such attacks using Ransomware, which are more difficult for security products to remove. Instead of simply launching malicious files on your computer that can be detected by antivirus software, they will use code that at first glance seems legal, because it works in programs such as Microsoft Word.
Possible solution: First, update the system, because old systems are most vulnerable to such attacks. Secondly, you can create a backup in the cloud or on external devices, which will ensure the safety of your data.
2. IoT and risks associated with it
Internet of Things (IoT) or in Russian The Internet of Things is the concept of a computer network of physical objects equipped with technologies for interacting with each other or with the external environment, excluding the need for human participation from some actions and operations.
The growing interconnection of devices, from mobile devices to vehicles and household appliances, increasingly complicates information security.
In a recent poll by AT & T Cybersecurity Insights, almost 1/3 of the participants called IoT attacks one of the main problems of our time. As long as smart devices appear on the market without security rules, the number of attacks will only grow. Since not all modern data processing technologies guarantee comprehensive control. An increase in the number of DDos attacks is expected, taking advantage of the vulnerability of IoT devices.
To avoid potential attacks on IoT devices, you should evaluate all possible risks and create an effective protection strategy.
3. Tighter regulations
With strict regulations, such as the General Data Protection Regulations and the NIST SP 800-171 Special Publication, which have recently entered into force, companies need a deep awareness and understanding of their data.
To avoid fines and penalties, companies will seek to abide by the rules, despite their unwillingness to do so.
Possible solution: Find and fix weak spots.
4. Negligent or malicious employees
Most businesses focus on external threats from hackers. But we should not forget that your own employees, most often become the cause of the violation - often improperly handling data or acting carelessly. Due to the fact that most companies do not take the internal risks seriously, this is a huge threat to data security and confidentiality.
According to the Harvard Business survey, the role that insiders play in corporate vulnerabilities is huge and growing. IBM's “2016 Cyber ​​Security Intelligence Index” report showed that 60% of the attacks were carried out by insiders, 3/4 of which were the result of malicious intent, and 1/4 - an error.
Possible solution: Using employee monitoring software that can determine which security policies are violated and which employees. Tracking tools reduce internal risks by analyzing employee behavior trends. They also allow you to write rules that prevent dangerous behavior of employees, for example, sending confidential information via e-mail or printing confidential records.
5. Simple response methods
Still, too many companies are using simple cybersecurity response methods, taking action only if they are violated. However, companies have already begun to realize the risks associated with the use of outdated systems and firewall security restrictions.
A possible solution would be to use proactive prevention strategies, such as monitoring and analyzing data.
After we have witnessed large-scale attacks against companies and various institutions everywhere, it is important to understand how we can protect our privacy and security on the Internet.
In 2018, to protect themselves from malicious attacks, companies should pay most attention to software updates, as well as review information security principles.
Source: https://habr.com/ru/post/348052/
All Articles