What lessons on cyber security can we take into 2018?
If 2017 is remembered for anything in the cyber sphere, it is remembered as the year of malware. There have been quite a few high-profile breaches and ransomware campaigns such as WannaCry and NotPetya. The question is, what can we learn from last year to improve things for this year?
One thing is clear: ransomware is evolving and is being deployed with more regularity. While targets, attack groups and tactics may change, there is growing concern that ransomware could easily be combined with nation-state developed exploits to spread through networks at an alarming rate. An example of this would be the Bad Rabbit attacks which were specifically designed to infect a large number of networks, using watering hole attacks.
"What we are learning from these attacks is that it is vital to patch any known vulnerabilities the moment a fix is available. At the same time, it's important that we understand how security can be undermined and to research the exploits that are available for popular software," advises Anvee Alderton, Channel Manager for Trend Micro Southern Africa.
Business Email Compromise (BEC) is also one of the major threats that many organisations may encounter. The FBI reported that between October 2013 and December 2016, $5.3billion was lost due to BEC. Predictions are that this number may increase to $9bn this year.
"BEC is actually one of the easiest attacks to prevent. BEC relies on social engineering and with better staff education and something as simple as ensuring two finance managers need to sign off on the transfer of large sums can mitigate the damage that such attacks could incur," Alderton continues.
Last year saw big name firms such as Yahoo, Uber and Equifax come under attack. What this has highlighted is that it's important to get the basics of cybersecurity right - no matter what size your organisation. The cost financially, as well as to a company's reputation, can be irreparable.
Another great concern is the advent of the implementation of GDPR across Europe. Worryingly, a lack of interest from senior executives means that more than half shun responsibility for it. This is of particular concern since organisations have to comprehend what data they hold and be able to produce a breach notification plan. This is in addition to implementing top shelf technology to prevent cyber-attack.
"It really doesn't matter when it comes to the size of the firm or whether the breach occurs through IOT or the cloud, or through social engineering. Vulnerabilities are the biggest threat all companies face. If there's a hole in your security, someone will find a way through it. Use those patches as soon as they become available and educate staff. There is no better cure for attack than prevention and being prepared," says Alderton.
New vulnerabilities and attack methods emerge daily - some of which could be devastating for the security of a company's networks and systems. This is the year for CISOs to become hypervigilant and ensure that they have the right patch available at the right time, as well as the ability to respond to threats swiftly and efficiently.