What today’s IT security looks like in 3 charts

Internet Security Threat ReportThe 21st edition of Symantec’s Internet Security Threat Report (ISTR) was released in April, detailing emerging trends such as the increase in malware, the rise of mega data breaches, and an uptick in ransomware.

The data presented in the ISTR comes from Symantec’s Global Intelligence Network, which monitors threat activity in over 157 countries and is made up of 63.8 million attack sensors that record thousands of events per second.

The ISTR highlights some eye-opening security breakdowns: In 2015 alone, ransomware increased 35 percent, more than 100 million fake technical support scams had to be blocked, and vulnerabilities were found in 75 percent of all websites. And because the Internet of Things and smart devices are expected to grow to more than 20 billion units by 2020, the “insecurity of things” remains a huge risk.

A strong security strategy must be a top priority for organizations and their employees alike. Here are three areas in particular that deserve special focus.

1. In 2015, new zero-day vulnerabilities were discovered each week, and organizations were exposed for about seven days before a patch was implemented.

Zero day attacks

Though there is no stopping zero-day attacks, organizations can safeguard their environment through regular software patching. As prevalence of these attacks grows (zero-day vulnerabilities doubled in 2015), organizations should strive to be more aware of the high-profile vulnerabilities and actively seek out updates.

2. Half a billion personal records were stolen or lost in 2015, and 36 percent of breaches involved medical records.

Health services security breaches

Today, ransomware attacks target organizations of all sizes. The first line of defense remains a strong perimeter, but better policy enforcement and security protocols within a network can stop ransomware from spreading within an environment.

3. From 2011 to 2015, spear-phishing campaigns targeting SMBs increased 138 percent.

Spear phishing attacks

Cyber criminals don’t care how small an organization is if they believe there’s valuable data to be stolen. In addition to endpoint protection and encryption, organizations should regularly coach employees to spot, report, and delete the suspicious emails that can expose the entire company with a single click.

The case for well-rounded security

What do these charts tell us? Threats are complex and target organizations of all sizes, so every IT department must develop a robust security environment. Because IT security threats are constantly changing and growing more refined, organizations must be vigilant about patching and updating their systems as well.

Cybersecurity threats and incidents are only expected to rise in 2016, so it’s important that your organization remains secure and uncompromised. Reach out to your SHI Account Executive for more information and to schedule a call with a Security Architect.

You may also be interested in:

Why it’s time to rethink what drives your IT security program In the past, IT security was like insurance, viewed as an expense, not a revenue generator. That perception left IT with minimal dollars allocated to ...
Is it a patch, or just another problem for your network? When is a patch not a patch? When it becomes another exploit on your network. We sometimes lose sight of these obvious points when talking about pa...
3 vulnerability and assessment tools that will strengthen your IT ecosystem Dig up your high school yearbook photo and you’re likely in for a laugh -- the clothes, the hair styles, the glasses are distant memories for most of ...

Submit a comment:

Your email address will not be published.

Please note: All comments will be moderated

20 − 13 =