The new year brings plenty of the same old security challenges and problems, as well as some new mash-ups of old attacks.
The new year brings plenty of the same old security challenges and problems, as well as some new mash-ups of old attacks.With the new year -- the new decade -- just a couple of days old, it's already clear that whatever else 2011 brings, relaxation of the threat environment isn't likely,
Dark Reading's Tim Wilson recently took a good look at the top threats you're likely face in the months ahead. Tim's top three picks:
1. Social Media: No news here, but a warning well worth repeating to all of your employees. Facebook, Twitter and the lesser players are prime hunting grounds for cybercrooks, and the increasing use of social nets by legit businesses will only serve to increase the energy attackers use when prowling for marks among the friends and followers.
Your best move -- short of banning social networking at work altogether -- is tighten your usage policies, and remind employees never to give up personal or business information to requests arriving via a social network (or via a link followed from with a net).
2. Mobile Devices: The smarter and more capable the mobile device, the likelier your people are to use it for business purposes... and the more appealing a target the device becomes.
Best move: Extend your device and data policies -- and defensive strategies and tools -- to every device that touches business data, and make sure employees' personal devices used for business purposes are included.
3. Smarter, More Complex Attacks: While old favorites -- brute force phishing, spoofing, etc. -- won't go away, the next wave of attacks is likely to be more sophisticated, involve a variety of techniques, and target critical systems.
Best moves: Make sure your security teams -- or vendors -- are as engaged with constant awareness, education and updating as they are with maintaining strong defenses against last year's threats and threat vectors.
The old threats won't go away -- and unfortunately neither will the behaviors that made them effective.
But unless you and your security personnel and policies are aggressively monitoring for the new threats, your new year will be anything but happy.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?