Security focus has shifted from what is being taken from businesses to how attackers are gaining access to enterprise systems. Symantec notes “the number of breaches rose 23 percent” and “there was a 26 percent increase in malware” from 2013. With five out of every six large companies being targeted by attacks, security professionals need to know how hackers are getting in.
If you want to protect your enterprise network and assets in 2015, you’ll need to understand the latest threats and breaches and how they affect vulnerable companies.
The Biggest Security Threats for 2015
Cyber attackers grow more sophisticated every day, throwing the cyber security landscape in flux. To properly protect against the latest threats, you need to know what they are and where you are vulnerable. IT World says that these are the biggest threats to look out for in 2015:
- The Internet of Things: The big data phenomenon hinges on the idea of the Internet of Things (IoT). More and more devices are connecting to networks and collecting valuable data for organizations of all sizes. Cyber attacks will start to hone in on the sensors that make the Internet of Things work, giving them access to sensitive company information. Including your automobile!
- Credit Card Breaches: The widespread amount of credit card breaches caused many financial institutions to crack down with chip and PIN technologies. Hackers are adapting, though. By modifying malware, credit card attackers can obtain more information than just card numbers, such as terminal, loyalty program and store-related data.
- Mobile Phones: Modern mobile phone attacks will be about much more than just the data stored on a specific device. Hackers will and are attacking mobile phones to gain access to the data stored in the corporate cloud.
- Rise of Old Source Codes: Heartbleed, Shellshock Poodle, Freak and Beast all fed off of the security process in open source code (SSL/TLS). Even though these threats have been addressed, developer’s use of old source code gives new life to the threats. Using third-party tools can allow dormant exposure points to harm networks once again. They are still threats!
- Cloud-based and Social Tool Threats: Cloud collaboration and social tools like Google Docs and Twitter are present in the workplace. Hackers can use this to their advantage, setting up command and control malware that passes through undetected by network administrators.
Data Breaches Can Happen to Anyone and You’re No Exception
Every company is susceptible to cyber attacks in 2015. No one is immune, not even companies with extensive security resources. Take a look at the major companies that have already been breached halfway through 2015:
- Blue Cross Blue Shield: 1.1 million users had their names, birth dates and email addresses compromised. Encryption salvaged social security numbers, but how soon until hackers find their way around that?
- Hacking Team: The Italian surveillance company had over 1 million emails published that revealed confidential involvement with various governments and zero-day vulnerabilities.
- LastPass: In the wake of an attack on Kaspersky Labs, LastPass fell victim to a security breach that endangered email addresses, password reminders, server per user salts and authentication hashes.
- Avid Life Media: The firm that owns AshleyMadison.com was hacked, compromising user databases, financial records and various pieces of intellectual property. The attack affected upwards of 37 million people and the effects are still being uncovered.
How a Data Breach Will Affect Your Company
Many organizations are running the risk of not properly protecting themselves from modern security threats. Security measures like firewalls can hurt network performance at times and 32% of IT pros avoid certain firewall features because of it. Disabling firewalls and other security measures just to save some network performance can cause massive damage in the wake of cyber crime:
- Approximately $364 billion was spent in 2014 to combat and recover from data breaches.
- Businesses spent roughly $491 billion because of malware-related incidents.
- It costs a company about $3.8 million to respond to one data breach. This is a 23% increase from 2013.
- The United States and Germany have the highest cost per recovered breached record at $217 and $211, respectively.
- Costs associated with lost business increased from $1.23 million in 2013 to $1.57 million in 2015.
Network downtime and performance concerns can be hazardous to any business, but disabling key security systems is not the way to fix it. With 55% of downtime caused by hardware failures and 22% caused by human error, it’s clear that there are bigger issues to tackle than disabling the preventative solutions you’ve put in place to prevent cyber crime. Take note of 2015’s biggest threats and breaches and start preparing for the world of cyber attacks.
Protect your company’s assets by implementing the right network design in your security projects, download Garland Technology’s guide, Optimizing Network Design in Security Projects.