The year about to end has been ugly for many infosec pros, with embarrassing breaches and record amounts of personal data exposed.
In a look back at both big and small breaches, IBM found bad and good news: Many, if not most, of the security incidents to which its emergency response teams responded involve fundamental breakdowns in sound security practices “and are wholly preventable.”
The good news, IBM says, is that if organizations can take stronger responsibility and make a few small changes, they’ll see a big impact for the long term.
First the trends:
- Rise of Ransomware: This was the most commonly encountered infection. In fact, the FBI reported Cryptowall ransomware attacks have netted hackers more than US$18 million from 2014-2015. IBM researchers believe that it will remain a common threat and profitable business into 2016, migrating to mobile devices as well.
- Biggest Threat May Be Inside: This is a continuation of a trend seen in 2014, when IBM [NYSE: IBM] saw that 55 per cent of all attacks were carried out by “insiders” or individuals who had insider access to an organization’s system – knowingly or by accident.
- The C-Suite Cares: In 2015, cybersecurity became a true concern at the boardroom level with more positions of power asking questions about their organizations’ security posture. In fact, a recent survey revealed that 85 per cent of CISOs said upper-level management support has been increasing, and 88 per cent said their security budgets have increased.
- Thank the amateurs (sort of): While 80 per cent of cyberattacks are driven by highly organized and sophisticated online crime rings, it is often inexperienced hackers – aka “script kiddies” – who unknowingly alert companies to these larger, sophisticated hackers lurking on a network or inside an organization. These amateur hackers leave clues like unusual folders or files in a temporary directory, deface corporate web materials, and more. When organizations look into these mischievous attacks, they often find much more complex attacks.
There are detailed recommendations for dealing with a number of the problems IBM saw this year, which you can read in the report (see the link below). But a lot of it involves patch management, user education, proper password procedures and standard security practices. “A defense-in-depth strategy built on these components will help organizations reduce the risks we see today and expect tomorrow,” the report concludes.