When we think about cyberattacks on businesses, many of us think of a hoodie-clad hacker slouched over a keyboard in some far-flung, underground lair. We read about data breaches like the recent Equifax debacle and scurry to develop new measures to defend against these faceless digital nemeses. But in fact, it's most often the threats right under our noses that pose the greater danger. Maybe Velma in accounting replied to a message she believed had come from the bank, or the unwitting Richard in marketing clicked on a link he shouldn't have. It could even be Bob, your CEO, working on a home computer without any anti-virus software installed. We may not want to believe it, but when the worst happens it frequently originates from an internal source.
Companies are extremely vulnerable to the actions of their employees and insiders. A Harvey Nash/KPMG survey of 4,500 CIOs and technology leaders from around the globe found that insider threats are perceived as the most rapidly growing security risk to companies. In fact, IBM noted in its 2016 Cyber Security Intelligence Index that as many as 60% of cyberattacks are carried out by insiders. Their research also found that industries such as financial services, healthcare and manufacturing experience the highest level of attacks given that they have massive financial assets, a rich vein of personal data to be tapped, and physical inventories that hold significant value.
Some risks come from employees with malevolent intentions, while others are the result of carelessness or ignorance of appropriate cybersecurity precautions. Employees who want to finish up a project at home may send confidential information to insecure home computers, or an IT administrator, privy to all of the company's infrastructure, could make a small mistake that has devastating consequences. And some employees may inadvertently serve as ignorant patsies, their identities and access hijacked through a malware attack or phishing expedition. The most cunning of hackers, once they have the proverbial foot in the door, can find creative ways to gain even greater access to company data. And since these hackers are piggybacking on the identities of legitimate employees, they can often fly beneath the IT radar and escape detection until it's too late.
Companies walk a fine line when they try to establish protective measures. Overly restrictive security policies can reduce productivity and have a negative impact on morale, while inattention to security can have devastating results. That's why it's important that businesses be proactive in anticipating risks and developing strategies for defense. To start, every company should consider conducting a business-wide information security risk assessment to identify possible vulnerabilities. Managers and owners should know what critical data needs to be protected and where that data resides within the company, and should restrict access to only those employees who need the data and have also received training in data and information security. New employees, contractors and consultants should undergo a background check before they're allowed access to sensitive data, and should be given training in appropriate data security measures during onboarding. Moreover, periodic training should be mandatory, and when employees leave the company their access to information should be quickly rescinded.
Threats to data security are dynamic and ever-changing. Companies are more likely to avoid data security breaches when they take proactive measures to respond to the rapidly evolving threat environment.
Biggest Cybersecurity Threats in 2018
Some of the biggest threats experts are thinking about in 2018 range from the familiar to more novel cybersecurity considerations. Ransomware has become broadly known, in part due to the massive WannaCry attack that impacted businesses around the world. Experts anticipate that ransomware will continue to plague companies and individual users in 2018. Unfortunately, the technology used to launch ransomware attacks is only getting better at infecting computers and holding them for ransom on behalf of cybercriminals.
Phishing is in some ways the precursor to ransomware. Phishing scams trick people into downloading malicious software. This technique has been around a long time and isn't going away in 2018. That's why it's so important to ensure employees are extremely careful with attachments and downloads. It is all too easy for an employee to use their personal email account on a company computer and unwittingly infect the entire business with malicious software.
Cybersecurity experts additionally advise that internal attacks could hit businesses in 2018. These types of attacks aren't accidents (as in many cases of phishing), but planned, intentional attacks by malicious actors within an organization. Businesses should consider investing in training and security staff to protect against this form of attack.
This article was updated February 19, 2018.