The information security threat landscape is constantly evolving, but it’s not getting any less complicated. In 2017, Ponemon Institute research revealed that 1 in 4 businesses in the U.S. suffered a security breach. Threats aren’t equally distributed by business size: 50 percent of small businesses were targeted by hackers, and health care organizations were also heavily targeted, accounting for 15 percent of last year’s incidents.
Recent headlines have revealed plenty of scary threats, including ransomware epidemics and the emergence of wiper viruses. While it’s possible 2018 has new super threats in store, it’s likely you’ll face a well-established threat. From social engineering to weak passwords, you may be surprised by today’s most common information security threats.
1. Crimeware-as-a-Service
Some of today’s smartest hackers are selling ready-made crimeware to wanna-be hackers on the dark web by subscription, including malware-as-a-service and ransomware-as-a-service. Last year, 51 percent of security breaches involved malware, which can now be purchased through illegal channels for just several hundred dollars each month. Criminals are getting bolder: one pre-packaged threat called “Philadelphia” was recently advertised openly on YouTube.
2. IoT Vulnerabilities
Experts predict one of the worst trends in 2018 will be security vulnerabilities caused by connected internet of things (IoT) devices. InfoSecurity Magazine’s Tara Seals attributes this to the fact too many “devices are manufactured without security regulations or industry standards.”
If your business isn’t powered by high-tech sensors or beacons, you’re not necessarily in the clear. IoT devices include everyday office technology such as IP phones, printers, and routers, all of which could represent possible modes of entry into your company’s network. In one survey, 63 percent of companies admitted to a printer-related security breach.
3. New Compliance Requirements
If your company collects data on European Union citizens, you’ll need to prepare to comply with the General Data Protection Regulation (GDPR) by May or face fines of €20 million (approximately $24.3 million). Many companies will need to adjust processes and systems to meet requirements from the GDPR, PCI, HIPAA, or other legislation.
While compliance isn’t a threat, it plays an important role in discussions of information security. Just 28.6 percent of companies are still compliant a year after assessment, and failing to meet standards can indicate security risks. Compliance can also demand significant IT resources. If your company is struggling to balance compliance and cybercrime risks, you may need security help.
4. Password Theft
A staggering 81 percent of 2017 security incidents involved weak or stolen passwords, which were often combined with tactics like phishing, hacking or malware. One emerging trend is “password aftershock”: hackers successfully gain entry to a company’s network using username and password combinations stolen from other breaches, because people tend to recycle the same passwords over and over again.
5. Email Risks
Phishing still works: 66 percent of installed malware last year was delivered by email. Hackers are getting savvier and increasingly employ social engineering techniques to “spoof” malicious emails so they appear to have been sent by a colleague or personal friend.
Email is a critical business communications tool, but it’s also one of the easiest ways for hackers to get inside your network. Information security awareness training and testing are likely a necessity.
Conclusion: Are You Prepared for These Security Threats?
While 2018 could bring next-generation security risks, businesses are wise to take a look back at the most common threat trends that affected half of small businesses in 2017. Planning for the most common risks, like unsecured printers, weak passwords and phishing, could significantly reduce your chances of suffering a data breach in 2018.
Avoid the costly impact of a security breach remediation with a complimentary assessment of your organization’s IT security.
As more digital technologies are released into the mainstream, it is becoming increasingly complex to do business, and more specifically to manage the data that new technologies generate. In the security realm, it is no longer a case of safeguarding your physical premises and assets; you need to ensure your digital assets are secure too.
The threats to your data are real. According to the latest data breach statistics, 3543 data records are lost and stolen every minute. For businesses that collect and store personal data from their customers, there are even more risks to consider. Data such as social security numbers, credit card details and bank account information can prove invaluable to criminals, and they will stop at nothing to get their hands on this information. If they succeed in their mission, your customers could bring about liability proceedings, putting your reputation and your business in serious jeopardy.
Protecting It All With Data Breach Insurance
Data breach insurance, otherwise known as cyber liability insurance, is designed to protect against data security risks and the damage that can be associated with them, be it to your finances or your stature. Your level of cover will depend on the policy you have in place, but most products offer identity protection solutions, legal fees, public relations solutions and liability. If your business ever falls victim to a data breach, it is vital that you restore the public’s confidence as quickly as possible. Data breach insurance helps you to do that.
What Types of Data Breach Insurance Are Available?
Cyber risks usually fall into two categories: first-party exposure and third-party exposure. First-party exposure covers those risks that affect a business first-hand, while third-party exposure covers risks that could affect the data of third parties such as customers, clients or employees.
First-party exposure insurance can protect against the following:
- Loss or damage to digital assets – this includes the loss or damage of software or data.
- Non-physical business interruption – if your business network suffers any interruption or service failure, this insurance will cover associated expenses incurred while investigating the interruption.
- Cyber extortion – if your organization falls victim to cyber extortion, where you receive threats from criminals to steal or damage data or restrict your network, your insurance company will handle the demand. This may involve payment of the extortion monies or criminal proceedings that bring the perpetrators to justice.
- Reputational damage – this level of insurance helps to protect you from damage to your reputation following a reported data protection breach. Depending on the level of cover, your organization could be paid for loss of income, loss of customers and the cost of PR exercises to repair your reputation.
Third-party exposure insurance typically protects against the following:
- Security and privacy liability – if a data security breach results in the theft or loss of third-party data, either client or customer, this insurance will cover defense and investigation costs as well as any civil damages you incur.
- Privacy regulation defense – if your organization is investigated by a regulator following any data breach, this insurance will cover your defense and investigation costs in addition to any fines where applicable.
- Customer care expenses – if you have a regulatory requirement to notify third parties about any data breach, this can often run into millions of dollars. This insurance will cover your notification expenses subject to the limit on your policy.
Don’t Leave Your Business or Your Data Exposed
Data breach insurance is designed to protect your data as well as your privacy and network exposures. Whether it is sensitive customer, employee or client data, there are increasing requirements for this data to be secure. By investing in comprehensive data breach insurance that is tailored to your business, you can go on protecting what matters and give your customers total peace of mind.
And why it could easily happen to your practice or business
Despite MedStar undoubtedly having a very large IT cybersecurity budget, they still fell victim to a ransomware virus allegedly after an employee clicked on a link in an email. The chain of events found its way to an unpatched Linux server that had a security vulnerability on it that dated all the way back to 2008. The Linux software manufacturer developed and supplied a fix for the security issue shortly after it was discovered in the same year, but MedStar’s technical support team left it unpatched.
That leads me to ask: how many machines are still left without the proper security updates applied at their locations, but more importantly at your location? Any single workstation, much less a server, can have over a dozen pieces of software that need to be constantly updated. Adobe Reader, Adobe Flash Player, Java, and Microsoft Office (to name only a few) regularly have security flaws and vulnerabilities discovered, and the software vendor subsequently issues a fix in the form of a download. Most of these downloads have to be downloaded and applied manually. So, if you have a small practice or business without a dedicated technical person looking for these types of issues, you should ask yourself who is making sure that these updates are being applied and that they are current.
Another question that needs to be answered about the MedStar event is why it took so long for MedStar to restore their data and have their systems back online. Reports have suggested that it took close to a week for that to happen. One would imagine that MedStar would have state-of-the-art data backup systems with multiple options for restoration. The best way to combat a ransomware virus is to accept that you had weaknesses in your cyber-defenses, concede that you had a “they got me” moment, and not pay the ransom but rather move on to the data restoration process as soon as possible. With the correct layers of backups, your server should be restorable in a time measured in hours, not days.
Questions to ask yourself about your small or medium-sized business or medical practice IT system:
- Is my front-end security in place?
- Is my firewall current and does it have the latest firmware updates applied?
- Do all of my servers and workstations have the LATEST anti-virus version and definition updates applied?
- Are my data backup systems current and operational?
- Is my data backup an automated process or does it rely on a person to manually perform this function?
- Has my data backup actually been tested to see if it can restore the files that I need restored?
- Is there a layered approach to my backups?
- Do I have an off-site data restoration option in the event that there is a major catastrophe at my place of business?
- Have my employees / end-users been educated on what to do and not to do when using company IT systems?
- Do I have an IT manual that outlines what is expected of my employees as it relates to the IT systems?
- Is there a formal disaster recovery plan in place that details the steps to take to recover from a significant IT security event?
If you answered “no” to any of the above questions, then it’s time to make a change regarding your IT system management.
If you have questions about this article, please contact Dave Thomas, Director of Technology Services, Kenneally Technology Services, 443.829.9897, email@example.com.
Credit rating agency Moody’s Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services.
Read the complete article from InfoRiskToday
Security update for Windows: November 10, 2015
Causes Microsoft Outlook to crash, network sign-in issues and Windows desktop black screens.
The security patch (KB 3097877), which was part of the November 10th list of Windows updates, belongs to security bulletin MS15-115, a “critical update” in Microsoft’s lexicon, designed to prevent remote code execution triggered by malicious fonts.
It appears to have caused multiple issues, including Outlook crashes, failed network sign-ins, and black desktop screens with no icons or background.
If you are experiencing these issues after Tuesday, November 10th, re-run Windows update and apply all of the latest updates.
You can do this in one of two different ways:
Access CONTROL PANEL from your Windows computer and choose to view the control panel with the “small icons” view (A drop down option in the upper right-hand corner of the control panel window). Access the Windows Updates icon and once you have opened Windows updates click on “Check for Windows Updates” on the left-hand side. Choose to apply all of the available updates and reboot when they have finished being applied.
Your computer may also have a Windows Update button in the system tray, which is the list of icons in the bottom right-hand corner of your Windows desktop next to the system clock. If you hover your mouse pointer over this icon it will say “Windows Update”. Click the small icon and proceed to apply the updates that are available.
In some instances, you may be required to uninstall the security update in question (KB 3097877) prior to re-applying the new version of the update which resolves the issues.
To do this, access the CONTROL PANEL and Windows Update in much the same way as mentioned above. Choose “Update History” or “View Installed Updates”. Sort the list of security updates by date by clicking on the date column header. Search for KB 3097877 (from November 2015) and double-click it to uninstall. Reboot your computer after the update has been uninstalled, and then follow the directions at the top of this bulletin to re-apply the resubmitted version of this security update.
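For administrators who would rather script the check, uninstall and re-scan steps above (and the patch-status question raised in the MedStar discussion), here is an added PowerShell example that is not part of the original bulletin. It assumes an elevated PowerShell session on the affected machine and uses only built-in tooling: Get-HotFix, wusa.exe, and the Windows Update Agent COM API.

```powershell
# Added example (not from the original bulletin): verify whether KB3097877
# (MS15-115) is present, remove it without rebooting, then re-scan for the
# replacement update. Assumes an elevated PowerShell session.
$Kb = 'KB3097877'

function Test-KbInstalled {
    param([string]$Id)
    # Get-HotFix reports updates recorded by Windows Update / WUSA.
    return [bool](Get-HotFix -Id $Id -ErrorAction SilentlyContinue)
}

if (Test-KbInstalled $Kb) {
    Write-Host "$Kb is installed; uninstalling (reboot deferred)."
    # wusa.exe is the built-in Windows Update Standalone Installer.
    $p = Start-Process -FilePath 'wusa.exe' `
        -ArgumentList "/uninstall /kb:$($Kb.Substring(2)) /quiet /norestart" `
        -Wait -PassThru
    # 0 = success, 3010 = success but a reboot is required.
    Write-Host "wusa exit code: $($p.ExitCode)"
} else {
    Write-Host "$Kb is not in the installed hotfix list."
}

# Re-scan for pending updates: the equivalent of clicking
# "Check for updates" in Control Panel, via the Windows Update Agent.
$session  = New-Object -ComObject 'Microsoft.Update.Session'
$searcher = $session.CreateUpdateSearcher()
$result   = $searcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0")

Write-Host "$($result.Updates.Count) update(s) pending:"
foreach ($u in $result.Updates) {
    $kbs = ($u.KBArticleIDs | ForEach-Object { "KB$_" }) -join ','
    Write-Host (" - {0} [{1}]" -f $u.Title, $kbs)
}
Write-Host "Install the pending updates through Windows Update, then reboot."
```

After the script runs, install the listed updates through Windows Update as described above and reboot; a wusa exit code of 3010 means the uninstall is complete but the reboot is still outstanding.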
If you would like some guidance or assistance with this issue please contact us.