make a good business better

Blog Information Security

Print Divider Print Divider Branding
 

The Top 3 Cybersecurity Threats of 2017 (and How to Avoid Them)  

10/12/2017

Share

Social Logo Social Logo Social Logo Social Logo

Cybersecurity is no longer a topic discussed only among IT professionals and Chief Information Security Officers. As large-scale breaches such as Equifax and WannaCry continue to make headline news, the rapidly increasing volume and severity of cyber attacks have forced the world to take information security seriously.

Unfortunately, the number of threats and potential impact of cyber attacks is only expected to increase. Here are just a few of the most alarming enterprise cybersecurity predictions according to Cybersecurity Ventures:

  • Global ransomware damage costs are predicted to exceed $5 billion this year.
  • Nearly half of all cyber-attacks are committed against small businesses.
  • Cybercrime damages will cost the world $6 trillion annually by 2021.

If there’s one lesson we’ve learned so far this year, it’s that hackers are always innovating and looking for new ways to attack businesses. IT professionals must constantly keep pace with the changing landscape of cybersecurity to ensure their data is secure. 

The Top 3 Cybersecurity Threats of 2017 (and How to Avoid Them)  

As part of Cybersecurity Awareness month, we wanted to identify some of the most common cybersecurity threats in the market today and share some actionable steps you can take to protect your organization from them. 

1. Unpatched Software 

The rise in Ransomware attacks has been well documented in 2017. Two of these attacks, WannaCry and Petya, both occurred through unpatched Microsoft Windows operating systems. Today's hackers are well aware of the software updates companies make and will look for every opportunity to exploit any systems that are not updated.

How to Avoid it: 

The most common unpatched and exploited programs are browser add-in programs like Adobe Reader and other programs people often use to make surfing the web easier. Having a layered, defense-in-depth strategy is essential for avoiding the careless mistakes that lead to attacks through unpatched software. 

2. Sophisticated Phishing Campaigns 

Approximately 60 to 70 percent of email is spam. And while phishing emails used to be more obvious, today’s hackers are becoming more sophisticated with the addition of specific company information regarding billing, logistics, and more. The recent increase in EMOTET Trojan Activity is just one example of the increasing sophistication of phishing campaigns. These phishing campaigns contain an increasing variety of malware including banking trojans and the increasingly popular ransomware. 

How to Avoid it: 

Because of the prevalence of this type of attack, developing an anti-phishing strategy is a must. Educating employees on the potential threats and leveraging inline solutions that proactively identify and quarantine such email threats before they reach a user’s inbox are two essential ways to avoid these attacks. Two-factor authentication measures are also valuable. 

3. Employee Social Media Threats 

One of the biggest potential threats to a company's cybersecurity is a pathway they might not even be monitoring — their employee's social media. In a social media environment, employees may accept an invitation to connect with someone who appears to be worth following or friending but is a phishing hook that lures users into clicking on bad links. Today's corporate hackers love exploiting corporate social media accounts for the embarrassment factor to glean passwords that might be shared between the social media site and the corporate network.

How to Avoid it: 

Today’s social media threats usually arrive as a rogue friend or application install request. The most important step to take is educating employees at all levels about the risks involved with social media use and how they can protect themselves by being smart about who they “accept” and taking a close look at links before you click on them. 

The Biggest Lesson: Always Be On Guard 

Maintaining an effective cybersecurity program is a constant battle. It can be difficult to stay up-to-date with the latest attack trends and feeling like you need to watch over your shoulder on a daily basis. But trust us: it's much better than the alternative. The consequences of a company-wide security breach will cost you far more than the time, energy, and resources you spend putting the proper security measures in place.