In our previous blog post, “Cyber Security Predictions for 2017,” we performed a retrospective review of 2016 and provided nine cyber security predictions for 2017. The cyber-threat landscape became increasingly hostile as hacking and data breaches dominated the political, social, and economic headlines, and cybercriminals turned to ransomware and DDoS (Distributed Denial of Service) attacks to target organizations of all sizes. The latter included an increased focus on industries with mission-critical infrastructures like utilities and hospitals.
Cyber security isn’t going to become any easier in 2017. Organizations of all shapes and sizes must ensure they have the right technologies and processes in place to protect their infrastructures and information. With that in mind, we put together a list of 8 New Year’s cyber security resolutions for 2017.
1. Ransomware Readiness. Organizations are being held hostage by cybercriminals who demand a ransom in exchange for allowing them to regain access to their computer systems and data. This cyber activity spans myriad industry segments (with financial services and healthcare topping the list) and impacts organizations of all sizes – from consumers and small businesses to global enterprises. The cost of ransomware was projected to reach $1 billion in 2016 in the U.S., with the number of cases quadrupling from the year before.
As ransomware attacks become more advanced, cyber security teams desperately need to ratchet up their defenses significantly, going well beyond signature-matching content against a list of the usual suspects or trying to analyze them in a virtual playground. Morphing attacks have proven to socially evade these hurdles. Ransomware neutralization requires an unprecedented level of inspection that completely disassembles digital activity into its most granular constituent parts to remove weaponized scripts and payloads – all without delay and disruption to the business.
2. Prepare for New Regulations - GDPR. Any organization handling Personally Identifiable Information (PII) for EU citizens anywhere in the world will be impacted by the General Data Protection Regulation (GDPR), which goes into effect in May 2018. To prepare for GDPR, organizations must institute systems and processes that enable them to discover where PII data is stored, detect when it is shared and govern its use through prescribed security measures. The latter includes intelligent policies applied across all channels and based on GDPR geography, data type, purpose conditions and required security treatment.
3. Revisit Email Security. Ninety-one percent of cyber security attacks begin with a single email. In addition to protecting against malware attacks, including zero-day attacks, organizations must guard against social-engineering attacks that aim to steal valuable information or demand a ransom. But traditional email security approaches fail to block newer, more evasive threats that bypass detection. Organizations need to revisit their email security defenses to focus on real-time sanitization by completely removing malicious content and redacting confidential information (e.g. user login names and passwords) leaving in response to a phishing campaign. This is an enhanced layer of email security that can be performed without quarantines and delays impacting communications.
For 2017, must-have enhancements to email security should at minimum include:
Target prevention that minimizes information harvesting of personal details and metadata through social engineering attempts
Enhanced hygiene involving advanced phishing, SPAM detection, real-time cloud updates and multiple antivirus engines
Advanced threat protection for deep inspection and structural sanitization of hidden malicious macros and scripts
4. Migrate to the Cloud with Confidence. Twenty-two percent of critical information is stored in the cloud today, and this is expected to increase to 25 percent by the end of 2017. One of the areas of most rapid growth is office applications like Office 365 and Google Gmail, and collaboration tools like Slack and Jive Software, among others. Last year, office system capabilities in the cloud comprised approximately 15 percent of applications used by users. But these are going to expand dramatically, with projections that they will hit 60 percent – or 700 million users – by 2022.
Organizations previously hesitated in their migrations over security concerns, because of the basic native security capabilities that cloud applications offered or the lack of policy integration with their enterprise systems. But those looking to move more of their IT operations from on-premise to the cloud in 2017 can overcome these challenges by wrapping data flows destined for the cloud (i.e. Office 365 or Cloud Storage) in a layer of real-time inspection and sanitization to detect confidential information being shared, malware attacks entering or unapproved apps being accessed without permission.
5. Enact Cyber Readiness. As the threat landscape continues to evolve and become more complex, organizations need to step up their cyber readiness with training and simulations based on the specific requirements of their company and business processes, in order to identify realistic worst-case scenarios from next-generation cyber threats.
6. Get Back to the Basics for Document Security. Commercially sensitive information frequently needs to be removed from content before files are sent or shared. Organizations can now add a safety net of document redaction and sanitization to their existing security gateways to automatically remove confidential information or often-overlooked revision history, comments, and hidden metadata.
7. Prevent Accidental Web Leaks. Accidental data leaks can expose valuable information. Repercussions range from brand degradation, to wasted marketing efforts, to noncompliance with privacy laws. The following are a few of the ways organizations can help prevent accidental web leaks …
Enhance existing internet web technology through reverse proxy to automatically inspect content being served at a granular level
Employ adaptive security policies for identifying and preventing accidental leaks without disrupting communications due to false positives
Empower department stakeholders to classify confidential information, enabling the crowdsourcing of information detection policies
Put in place the same protection around web-based (personal) email as you have for corporate email, as the threats are the same and the consequences of a breach are the same
8. Address Shadow IT. Seventy-four percent of employees assume cloud applications and file sharing tools are approved for use by their companies. However, 70 percent of executives and IT managers have no idea how many unauthorized cloud apps and services are being consumed in their organizations – this is Shadow IT. These present various security and data risks. An important starting point is for organizations to configure their web security gateway to track and trace data flows out through cloud collaboration tools to determine Shadow IT usage, and ultimately put a program in place to convert Shadow IT to authorized IT. In the meantime, data flows to Shadow IT sites can be redacted and sanitized, preventing the leak of confidential information or inadvertent malicious downloads.