Cybersecurity is no longer a choice
Security breaches are once again making big news in 2016. Despite years of headline stories about security leaks and distributed denial-of-service (DDoS) attacks and repeated admonishments from security professionals that businesses needed to do a better job protecting sensitive data, many organizations are still unprepared or not properly protected from a variety of security threats.
The 2016 Cisco Annual Security Report (ASR) presents a challenging cybersecurity landscape: cyber defense teams are fighting to keep up with rapid global digitization while trying to integrate dozens of vendor solutions, speed up detection, and educate their organizations from top to bottom. Meanwhile attackers grow more bold, flexible, and resilient by the day, setting up professional infrastructures that look a lot like what we’d find in legitimate businesses.
One of the top findings from this year’s report was that defender confidence is dropping, with only 45% of global organizations worldwide confident in their security relative to today’s threats. However, many executive said they expect greater transparency on security in the future.
Still, these growing concerns are acting as a motivation for organizations to improve their security practices, as they know where their weaknesses are and what they need to work on.
Aging infrastructure also played a role in poor security posture with 92% of internet devices operating with known vulnerabilities. Jason Brvenik, the principal engineer for the Security Business Group at Cisco, said that some were running with up to 26 vulnerabilities. Additionally, 31% of devices are running with no vendor support.
Cisco’s report also identified another, a relational threat to enterprises – small businesses (SMBs). Based on the report’s finding, SMBs use fewer tools to identify and defend against security threats. These “structural weaknesses” present a potential risk to enterprises that may be working with SMBs in some capacity.
However, SMBs are improving their security due, in part, to outsourcing security services. Outsourcing security is on the rise with more than half of all larger organizations outsourcing consulting services, as well as a good number of businesses outsourcing auditing, monitoring, threat detection and response, and more.
Think you don’t have anything of value to protect? Think again.
No matter how large or small your company is, you need to have a plan to ensure the security of your information assets. The key asset that a cybersecurity plan helps to protect is your data, and the value of your business is in its data. You already know this if your company is one of many whose data management is dictated by governmental and other regulations. If your data management practices are not already covered by regulations, consider the value of the following:
- Product information, including designs, plans, patent applications, source code, and drawings
- Financial information, including market assessments and your company’s own financial records
- Customer information, including confidential information you hold on behalf of customers or clients
In today’s global, digital world, data rules. Safeguarding intellectual property, financial information, and your company’s reputation is a crucial part of business strategy. Yet with the number of threats and the sophistication of attacks increasing, it’s a formidable challenge. Is your business up for it?
Photo source: http://www.freedigitalphotos.net/