Cybersecurity is no longer a choice
Security breaches are once again making big news in 2016. Despite years of headline stories about security leaks and distributed denial-of-service (DDoS) attacks and repeated admonishments from security professionals that businesses needed to do a better job protecting sensitive data, many organizations are still unprepared or not properly protected from a variety of security threats.
The 2016 Cisco Annual Security Report (ASR) presents a challenging cybersecurity landscape: cyber defense teams are fighting to keep up with rapid global digitization while trying to integrate dozens of vendor solutions, speed up detection, and educate their organizations from top to bottom. Meanwhile attackers grow more bold, flexible, and resilient by the day, setting up professional infrastructures that look a lot like what we’d find in legitimate businesses.
One of the top findings from this year’s report was that defender confidence is dropping, with only 45% of global organizations worldwide confident in their security relative to today’s threats. However, many executive said they expect greater transparency on security in the future.
Still, these growing concerns are acting as a motivation for organizations to improve their security practices, as they know where their weaknesses are and what they need to work on.
Aging infrastructure also played a role in poor security posture with 92% of internet devices operating with known vulnerabilities. Jason Brvenik, the principal engineer for the Security Business Group at Cisco, said that some were running with up to 26 vulnerabilities. Additionally, 31% of devices are running with no vendor support.
Cisco’s report also identified another, a relational threat to enterprises – small businesses (SMBs). Based on the report’s finding, SMBs use fewer tools to identify and defend against security threats. These “structural weaknesses” present a potential risk to enterprises that may be working with SMBs in some capacity.
However, SMBs are improving their security due, in part, to outsourcing security services. Outsourcing security is on the rise with more than half of all larger organizations outsourcing consulting services, as well as a good number of businesses outsourcing auditing, monitoring, threat detection and response, and more.
Think you don’t have anything of value to protect? Think again.
No matter how large or small your company is, you need to have a plan to ensure the security of your information assets. The key asset that a cybersecurity plan helps to protect is your data, and the value of your business is in its data. You already know this if your company is one of many whose data management is dictated by governmental and other regulations. If your data management practices are not already covered by regulations, consider the value of the following:
- Product information, including designs, plans, patent applications, source code, and drawings
- Financial information, including market assessments and your company’s own financial records
- Customer information, including confidential information you hold on behalf of customers or clients
In today’s global, digital world, data rules. Safeguarding intellectual property, financial information, and your company’s reputation is a crucial part of business strategy. Yet with the number of threats and the sophistication of attacks increasing, it’s a formidable challenge. Is your business up for it?
Photo source: http://www.freedigitalphotos.net/
Eri
Is that true? “92% of internet devices [have] known vulnerabilities.”? That would be horrible! O.O In that case, you’re totally right. Cyber security is no longer a choice!
Ron
This is so true, I wish I could go into details but we’re so much more exposed to evolving threats, maybe more than ever! Just look at those NotPetya & WannaCry files to realize the depth of the problem, and to what extent it may expand. Me and my colleagues we’ve all seen those malicious files personally, how could that be? Something’s becoming more vulnerable either malicious files get more sophisticated. And not to mention we were protected by cyberbit, which carefully detected the malware. To sum it up, nobody’s safe and therefore should not underestimate the significance of a well built protection array.
Rick Blaisdell
There are indeed many examples of threats in our daily life. So, taking it seriously is very important.
Jerome
Hi Rick, we’ve been recently hiring cyberbit’s machine learning technology for malware/ransomware detection. We’ve done our homework obviously, and this kind of feature installation is new to us. As an expert, I’d like to hear another opinion from your side about the significant advantage behavioral analytics have over signature-based, and maybe about the product we’ve purchased as well, if you have any personal idea of it.
Rick Blaisdell
Hello Jerome! Machine learning has always been successfully used as a powerful tool for cyber-threats detection. I believe it’s great that you implemented such technologies into your company. It can help you analyze data rapidly and also execute endpoints measures related to memory, registry, network and so on, while it can detect and block ransomware automatically, and proceed back up before the damage is done. It’s a good investment for every business that wants to leverage on the market through the latest technologies.