Expert Answers to Biz Questions
Listen in! Pick up some expert advice to a reader's question that we selected from CyberSchmooz.
5 Cybersecurity Threats to Watch in 2018
Last year was a banner year for data breaches, which increased 29 percent year-over-year in the first half of 2017 to hit a half-year record high. High-profile cases like the Equifax data breach, which compromised the personal information of more than 143 million American consumers — many of who had no idea they were connected to consumer reporting agency in the first place — have brought threats that might have been unthinkable in the past directly into nearly half of Americans' homes.
For businesses, data threats have always loomed large. A 2017 cost of data breach study revealed that companies are suffering larger data breaches than ever, with the average cost of each breach at $3.62 million and the average cost of each lost record costing $141.
Cybersecurity threats online can influence governments, result in personal identity theft, and cause significant safety dangers. Here's how five of the biggest cybersecurity threats to watch in 2018 can affect your business.
1. Internet of Things Vulnerability
With the global Internet of Things market growing from $157 billion in 2016 to $457 billion by 2020, hacking into connected devices is also expected to increase. While connected smart homes have experienced hacks that left digital video recorders, routers, and IP cameras vulnerable, the same threats can affect IoT devices in businesses that are increasingly becoming more digital, like smart whiteboards, video conferencing, and other online tools.
Trend Micro predicts this year will be a significant time for cybercriminals to use IoT devices to mask their real location as they're committing crimes, which then get traced back to the devices. When criminals take over connected devices that are not secure to steal sensitive information or coordinate home break-ins, the brand reputation suffers as the company makes its own customers vulnerable.
Ransomware, in which attackers steal sensitive information and then demand a ransom payment to re-secure it, can be debilitating to businesses small and large. In 2017, a ransomware dubbed GoldenEye spread to affect government entities in the Ukraine, before unleashing globally to Russia, Denmark, and the United States. All it takes is a single individual to accidentally download malware that may seem totally legitimate. Once it spreads, it can steal or lock down files, which attackers might not even return after getting paid.
Ransomware and digital extortion are expected to be some of the most significant dangers to individuals, businesses, and governments in 2018. Ransomware that disrupts manufacturing can halt production for businesses, while the amount of money demanded in a ransomware attack can completely bankrupt an organization.
3. Business Email Compromise
When business professionals don't pay attention to the messages they're receiving and the people they're giving information to, business email compromise (BEC) becomes a major threat. In BEC, data thieves use a professional email address to impersonate the identity of the professional, then ask for money transfers and more from unsuspecting victims. In 2017, the Federal Bureau of Investigation said BEC global losses reached $5.3 billion since 2013. Tactics such as bogus invoices and supplier transactions were used, and chief finance officers and other finance professionals were the positions most likely to be targeted in 2017.
Those in the position that was most likely to fall for a BEC attack, such as a phishing scheme to gain email access, where those in chief executive officer positions. BEC attacks illustrate how important employee training is for what to look out for to thwart these kinds of attacks.
4. Machine Learning Threats
Machine learning is a key component in making businesses more efficient and more profitable than competitors. Data collection and analysis gives businesses better insight than before, and that includes what machines learn about cyberthreats. Machine learning allows businesses to predict attacks and identify them more quickly, which can help shut them down, minimize damage, and teach more about how to thwart them more effectively in the future.
Unfortunately for businesses, smarter machines can be taken over by criminals when there are vulnerabilities. The data your machine has access to becomes available to attackers who use them, which makes securing machine learning efforts paramount for business protection. Not only does an attacker who gains control of a machine put a business at risk, but attackers also gain knowledge of the intelligence that signals the business's defense responses and vulnerability coping.
5. Enterprise Application Vulnerabilities
Widespread use of enterprise applications means consumers are interacting with more businesses on a daily basis than ever before. The average smartphone user uses about nine applications a day and accesses 30 per month. Serverless apps, which rely on cloud computing connectivity, are just as vulnerable as server attacks and can impact billions of users in an instant. Serverless apps can have their data attacked while it's being transmitted across a network, compromising user location and other personal data.
Regular patching and application testing is crucial to identify vulnerabilities early. If your business deploys an enterprise application, it should run on a virtual private network or be protected by encryption to protect the data of your users.
How to Keep Your Business Protected in 2018
Already this year, major tech players Amazon, Google, and Microsoft have responded to issues concerning chip-level security vulnerabilities that can affect computer chips running on personal devices and cloud computing servers in data centers. Cybersecurity threats are not going anywhere any time soon, and if you care about the state of your business and its customers, you need to take proper precautions.
First, using reputable enterprise cyber and endpoint security solutions is wise, as you gain an expert partner in threat detection and user protection. Within your company, you should test your systems regularly to detect threats and make sure hardware is secured. Encrypt data for customers. Train your staff about threats they face in their daily work, which could impact the entire business.
Cybersecurity threats are costly and time consuming. They can also completely erase the trust your customers have in your business, a priceless commodity. Stay up-to-date on security threat developments, and apply your knowledge to your business to stay protected.
Copyright 1995-2019, Idea Cafe Inc. Downloads are for personal use only, not for resale to others, and may not be reprinted in any form without written permission from Idea Cafe Inc.
DISCLAIMER: We hope whatever you find on this site is helpful, but be cautioned that it may not apply to your own situation, or be totally current at any given time. Idea Cafe Inc. and all of its current and past experts, sponsors, advertisers, agents, contractors and advisors disclaim all warranties with regard to anything found anywhere on this family of websites, quoted from, or sent from Idea Cafe. and its related sites, publications and companies. We also take no responsibility for comments published by others on these pages. TRADEMARKS: The following are Registered Trademarks or Servicemarks of DevStart, Inc.: Idea Cafe®, Online Coffee Break®, The Small Business Gathering Place®, Take out Info®, Biz Bar & Grill®, Complaint-O-Meter®, A Fun Approach to Serious Business, CyberSchmooz, and BizCafe.
DISCLAIMER: We hope whatever you find on this site is helpful, but be cautioned that it may not apply to your own situation, or be totally current at any given time. Idea Cafe Inc. and all of its current and past experts, sponsors, advertisers, agents, contractors and advisors disclaim all warranties with regard to anything found anywhere on this family of websites, quoted from, or sent from Idea Cafe. and its related sites, publications and companies. We also take no responsibility for comments published by others on these pages.
TRADEMARKS: The following are Registered Trademarks or Servicemarks of DevStart, Inc.: Idea Cafe®, Online Coffee Break®, The Small Business Gathering Place®, Take out Info®, Biz Bar & Grill®, Complaint-O-Meter®, A Fun Approach to Serious Business, CyberSchmooz, and BizCafe.