Security and data breaches continue to hit the IT news streams this week. Classified data on Scorpene submarines has made its way into the public domain –putting the national security of a number of nations at risk.
Ransomware is making headlines, as well. Trend Micro reports that in the first half of 2016, the addition of new ransomware families has doubled in numbers and has cost enterprises $209M. Security professionals see this threat as their greatest emerging concern.
The UK has been cited as the world’s second most targeted nation behind the US. The latest trends show that the number of Distributed Denial of Service (DDoS) assaults has risen by over 220% here and that these assaults are coming from DDoS for hire services, where a minute-long malicious attack can cost as little as $5 to launch. Alarmingly, these UK attacks are not limited to major corporations, small and medium businesses in the UK are being targeted too.
The clear conclusion is that criminals are using these methods to attempt cyber extortion—especially during peak trading times.
Four things to remember when securing your enterprise:
- Make sure that you have the right consulting partners in place. Like physical security, digital security is a specialised discipline. It requires the experience of those who know how to keep the criminals away from the door.
- Educate your user community and keep them informed of existing and potential threats. Ignorance or innocence are what the criminals depend upon to be successful in their exploits. The more aware users are, the less chance of intrusion or infection.
- Keep your technology up to date. It is critical that patch levels are maintained on your security infrastructure and operating systems can shut down published exploits, so don’t skimp on your investment in new technology at both the network and client layer. Newer client technology will also support multi factor authentication methods, thereby removing the reliance on passwords.
- Have a robust and secure end of life process for IT asset disposition. Choose a supplier than can provide full chain of custody and audit trail throughout the process. Ensure that this supplier can guarantee data on any device is securely wiped or destroyed, leaving nothing to chance. Every data-bearing device is a potential breach waiting to happen. And it’s not just laptops at risk. Even photo copiers can hold secure company data.
For more information about keeping your data safe, visit our Data Privacy and Protection Zone.