Top Business Threats to Cyber Security in 2017

Any business can be at risk of a cyber attack. Larger businesses are not necessarily protected by their size, and smaller ventures are not any safer because they might seem less visible.

Unfortunately, a recent survey by Minter Ellison, one of the country’s largest corporate law firms, found that Australian businesses grossly underestimated their risk of a cyber attack. Furthermore, a large number of them had no plans in place to deal with a breach of their cybersecurity, should one occur.

Well-executed cyber attacks can have catastrophic effects on a business. The key is to be prepared for the worst case scenario so that your company can handle an attack when it comes.

We’ve compiled some top threats to cyber security:

1. Internal Threats

These have proven to be more common than attacks from outsiders. In 2016, IBM found that 60% of cyber attacks were carried out by people who did so internally. At least 75% of these involved malicious intent.

Which sectors were most likely to be hit? Health care, manufacturing, and financial services were under attack the most. They have the most to offer attackers – namely, personal data, inventory, and financial assets.

Unintentional internal breaches are also a serious issue. Centrify found that 52% of American I.T. administrators freely shared their login information with contractors and 59% of them shared these details with fellow employees.

2. People

People make mistakes and are the largest risk to any company, large or small. Most cyber attacks are sophisticated and very well executed. It’s no surprise, then, that even the most careful of employees can find they’ve fallen for an attack such as phishing.

The best way to eliminate any weak links is to make cyber security education a priority for all company employees. It should begin as soon as possible after being hired on, and should be an ongoing process in order to keep it in the forefront of everyone’s minds.

A vulnerability assessment by a third party is also a great way to identify any potential risks.

3. Ransomware and Extortion

Stephen Gates, chief research intelligence analyst at NSFOCUS, warns that we will see a return of self-propagating worms such as Conficker and Nimda. However, the new worms will carry ransomware payloads which can infect a very large number of machines in an extremely short period of time.

These types of cyber attacks, Gates warns, are likely to continue to increase are cybercriminals become more skilled at carrying out these attacks.

4. Security Flaws

Social networking is a popular tool many companies use to advance their business. It is an easy way to communicate with customers. However, this popularity creates new pathways into the business which cyber criminals exploit.

The key to safety is to educate your company’s social media users on how cyber criminals gain access to sensitive information using social tools. Avoiding risky online activity and teaching staff about current threats are critically important.

5. Unsecure Shadow IT

Businesses are often all about numbers and the bottom line. This frequently leads to employees using whatever it is they need to get the job done. Unfortunately, this situation opens the door to unsecure Shadow IT through which a business could fall prey to a breach in cyber security.

One way to combat this risk is to encourage companies to work closely with their employees in order to make sure they have all the necessary effective tools with which to do their jobs.

 

It is important to note that when organisations are victims of a cyber attack, 99% of the time, their IT professionals had already known about the potential flaw for at least a year. While IT professionals are no doubt incredibly busy with day-to-day tasks, focusing on cyber security is a must if the organisation is to withstand any sort of attack.

Don’t plan for the attack if it happens; plan for when it happens. Get in touch with one of our cyber security specialists today.

Share on Facebook2Tweet about this on TwitterShare on LinkedIn1