04 Dec Top security threats of 2018 and what they mean for data security in 2019
A key best practice within the cybersecurity industry involves remaining on top of the latest threats and critical risks that could put an organization’s data security at risk. Maintaining protection over sensitive information and intellectual property is more critical than ever before. Supporting a proactive security posture includes taking cues from the current threat environment.
Certain threats came to light in 2018, while others represented a continuation of threats from the previous year. Let’s take a look at the top data protection risks from this year, and how these can inform security processes for next year.
By now, ransomware is nothing new for many organizational IT leaders and security stakeholders. With hackers raking in increasing profits and more high-profile targets becoming victims, ransomware has been on enterprises’ threat radar for several years now.
According to a survey from AlienVault, the risk that these unique malware samples place on businesses isn’t going to disappear anytime soon. Overall, 45 percent of internal security professionals identified ransomware as a top risk for information security, TechRepublic reported. And while Trend Micro security researchers identified a 26 percent decrease in the number of new ransomware families, previously established samples still represent a critical risk.
In this way, ransomware will still represent a threat next year, thanks to continued successful attacks and payment of the ransom. It’s important for IT admins and security stakeholders to ensure that users within the organization are aware of ransomware, and what an attack can look like. Often, ransomware comes as a malicious email attachment, or within an infected link. Spotting this type of suspicious activity and supporting users with security best practice knowledge can help reduce the risk that an enterprise will become a victim of this threat.
This risk made our list due to the fact that it is relatively recent. Unlike ransomware, which has considerable awareness with security professionals, cryptocurrency mining may not yet be a top concern for internal security personnel. With rising attacks that include the theft of computing resources, though, this risk will become increasingly prevalent, particularly as we head into 2019.
Making matters worse is the fact that 24 percent of enterprise security professionals admitted that their organization is currently incapable of identifying unapproved cryptocurrency mining activity, TechRepublic reported. And with a more than 140 percent increase in this type of activity detected by Trend Micro researchers during the first half of 2018, it’s more imperative than ever that businesses bolster their abilities and protection in this area.
While data breaches will always be a top threat for enterprise security, Trend Micro pointed out that these attacks are becoming larger and exposing more data than ever before. Researchers found that 259 mega breaches – which involve the compromise of one million records or more – took place during the first six months of 2018. Surprisingly, the largest percentage of these instances (42 percent) came as a result of unintended exposure, and not hacking. An additional 16 percent resulted from physical loss.
In this way, it’s critical for enterprise security stakeholders to ensure proper user training to help stem data exposure events. The unintended exposure of more than one million data records is something that can destroy an organization’s reputation with its clients and partners.
Industry-leading security solutions
In addition to bolstering user training and awareness of threats – which can be of considerable benefit to a company’s overall security posture – it’s important for businesses to have advanced security solutions in place. Information security solutions that support data confidentiality and integrity while also enabling availability are critical.
To find out more, connect with the experts at Pinnacle today.