1. Insider Threats
Insider threats can haunt security teams because of how difficult they are to detect and how much damage they can cause. Whether they are disgruntled employees trying to cause harm or well-intentioned employees who simply fell for the latest phishing email, insiders’ access and trusted status make them prime facilitators of data loss incidents, malware infections, and other compromises. Between miscellaneous errors, insider misuse, and physical theft or loss of devices, the 2015 Verizon Data Breach Investigations Report attributes 65.3% of data loss incidents to insiders. When successful, attacks by malicious insiders are highly costly as well. The 2015 Ponemon Cost of Cyber Crime report named attacks by malicious insiders as the most expensive cyber incidents, costing companies an average of $144,542 per year. Protecting against insider threats requires close monitoring of and control over your IT environment and the sensitive data it holds.
2. Trojans and malware
They’re not trick or treating - Trojans and malware remain in disguise constantly, masquerading as legitimate applications or processes to avoid detection while compromising your systems. But while they may appear innocent at a glance, malware behavior is anything but normal. In the age of sophisticated attacks, endless malware variants, and zero-day exploits, simple antivirus and firewalls are no longer enough. Combatting these threats requires a combination of tools, both for detecting inbound malware and for behavioral analysis that flags activity from malware that has made it into the corporate IT environment.
3. Phishing emails and other social engineering attacks
Like malware, social engineers are masters of deception. Their choices of costume make them especially tricky, often pretending to be coworkers, bosses, friends, or family members in order to fool victims into sharing sensitive information, installing malware, or granting unauthorized access. Attackers will use social engineering to exploit people, using commonplace tools like email or phones to manipulate unsuspecting victims. Because they target people rather than systems, these attacks are difficult to defend against with software or hardware tools and have high success rates. The best protection against phishing and other social engineering attacks is an educated and security-aware user base, a defense that can only be achieved by instilling a culture of security in the workplace.
4. Unauthorized applications, devices, and cloud usage
Trends like BYOD and rogue cloud usage by employees have turned many corporate networks into Frankensteinian creations of their own. By using unsanctioned devices, applications, or storage repositories, employees can far too easily open additional channels for infection or data exfiltration. However, locking down these channels has proven challenging for security teams. Preventing these kinds of unauthorized activities requires tight control from top to bottom in your IT environment: strict network access controls to lock down use of unapproved mobile devices, whitelisting to block unauthorized application usage, and granular controls over data access and movement to ensure that sensitive data can only be moved to intended, authorized repositories – whether local or cloud-based.
5. Software vulnerabilities and outdated software
Bugs abound when unpatched or legacy software is running in your IT environment – and they’re eating away at your security perimeter. Outdated software is often riddled with exploitable vulnerabilities, and running it only exposes your environment and sensitive data to additional vectors of attack. Patch all software that is used in your organization and enact patch management policies to ensure that it stays current. If end of life is announced for software that you use, develop a plan to retire that software securely. When it comes to vulnerability testing, focus on the OWASP Top 10 or a similar set of the most critical software vulnerabilities. Finally, implement application control to ensure that only approved software can run in your environment.