Industry talking to customers What's this? The Ultimate Security Guide: Advice from top leaders in IT security Published: December 14th, 2016 By: IT World Canada Team Security isn’t getting any easier. In the past year, there were more reports than ever before of businesses that were paralyzed by cyber attacks.According to a recent PWC report, companies have increased their security spend by 24 per cent, yet security incidents have increased by 38 per cent. If current efforts aren’t working, how can organizations protect themselves against the constantly evolving threats?Softchoice interviewed top leaders in IT security to get their latest advice and published these insights in “The Ultimate Security Guide.”One overall theme that emerged is that it’s time to think differently about security. Here are some highlights from the guide.In the trenches: ransomware, malware and the crypto warsIn “The Trouble with Ransomware,” Fabian Ubogi, sales engineer at Intel, warns that people aren’t taking the ransomware threat seriously enough. Ransomware is designed to block access to an organization’s data until money is paid. The most lucrative and terrifying targets are often government agencies because they have outdated security technology, he says. Ubogi provides advice on what you should do to avoid your own hostage situation.Similarly, the threat from malware continues to grow. In “The Vast Underground Malware Economy,” Christopher Budd, global threat communications manager at Trend Micro, describes how the attackers have become as sophisticated as the software vendors they target. Budd reveals the shocking scope of the underground threat economy and some practical ways organizations can protect themselves.Early in 2016, the FBI tried to force Apple to create software to unlock an iPhone recovered from one of the terrorist shooters in an attack in San Bernardino, California. It was one of the latest salvos in the “crypto wars” – battles over government attempts to get access to encrypted data for law enforcement. In “Deciphering the Crypto Wars,” Kapersky Labs’ security evangelist, David Balcar advises how businesses can keep their encryption as unbreakable as possible in order to maintain consumer trust.How to address the talent gap and the weakest link:By 2020, the IT industry will have 1.5 million open security positions and not enough graduates to fill essential jobs. Even with current shortages, most security teams only have the power to decipher eight per cent of incoming unstructured data to protect their environments. But what if there was a technology solution that could solve this problem? In “New Tech Will Bridge the Security Talent Gap,” Willie Wong, Canadian marketing leader for security at IBM, unveils the solution.Even with a robust, compliant security infrastructure in place, all it takes is to bring an organization to its knees is for one employee to click on a phishing email. Regulated organizations often rely on a check-box compliance approach to security, but they may be overlooking the fact that people are usually the weakest security link. In “What is the Greatest Security Threat to Your Healthcare Organization,” Brook Chelmo, senior marketing manager at Dell SonicWall, provides insights on how regulated organizations can stay safe.Getting cloud security rightIT staff often assume that their cloud provider has taken care of all of their security needs. Many service providers offer excellent security within their own infrastructure, but when data is being transmitted to and from the cloud, it’s at risk. In “Under Pressure: The Cloud Security Burden,” Marty Ward, vice president at Sophos, identifies the four things you should know to protect your data in a cloud environment.IoT Advice from a Hacker “The Internet of Things is wonderful, and it’s going to be a huge opportunity for us,” writes a hacker in “Letter from a Hacker: the New Frontier of the IoT.” In the next 10 years, there will be more smart devices connected to the Internet than computers and mobile phones combined. But what people need to understand, says the hacker, is that the majority of IoT devices can and will get hacked. The hacker makes some straight shooting recommendations on how people should defend their devices.