What today’s IT security looks like in 3 charts

Internet Security Threat ReportThe 21st edition of Symantec’s Internet Security Threat Report (ISTR) was released in April, detailing emerging trends such as the increase in malware, the rise of mega data breaches, and an uptick in ransomware.

The data presented in the ISTR comes from Symantec’s Global Intelligence Network, which monitors threat activity in over 157 countries and is made up of 63.8 million attack sensors that record thousands of events per second.

The ISTR highlights some eye-opening security breakdowns: In 2015 alone, ransomware increased 35 percent, more than 100 million fake technical support scams had to be blocked, and vulnerabilities were found in 75 percent of all websites. And because the Internet of Things and smart devices are expected to grow to more than 20 billion units by 2020, the “insecurity of things” remains a huge risk.

A strong security strategy must be a top priority for organizations and their employees alike. Here are three areas in particular that deserve special focus.

1. In 2015, new zero-day vulnerabilities were discovered each week, and organizations were exposed for about seven days before a patch was implemented.

Zero day attacks

Though there is no stopping zero-day attacks, organizations can safeguard their environment through regular software patching. As prevalence of these attacks grows (zero-day vulnerabilities doubled in 2015), organizations should strive to be more aware of the high-profile vulnerabilities and actively seek out updates.

2. Half a billion personal records were stolen or lost in 2015, and 36 percent of breaches involved medical records.

Health services security breaches

Today, ransomware attacks target organizations of all sizes. The first line of defense remains a strong perimeter, but better policy enforcement and security protocols within a network can stop ransomware from spreading within an environment.

3. From 2011 to 2015, spear-phishing campaigns targeting SMBs increased 138 percent.

Spear phishing attacks

Cyber criminals don’t care how small an organization is if they believe there’s valuable data to be stolen. In addition to endpoint protection and encryption, organizations should regularly coach employees to spot, report, and delete the suspicious emails that can expose the entire company with a single click.

The case for well-rounded security

What do these charts tell us? Threats are complex and target organizations of all sizes, so every IT department must develop a robust security environment. Because IT security threats are constantly changing and growing more refined, organizations must be vigilant about patching and updating their systems as well.

Cybersecurity threats and incidents are only expected to rise in 2016, so it’s important that your organization remains secure and uncompromised. Reach out to your SHI Account Executive for more information and to schedule a call with a Security Architect.

You may also be interested in:

This is why every organization needs adaptive and autonomous security More than 300 new security threats are detected every minute. Ransomware and malware are growing at double-digit rates, and mobile malware grew 72 per...
Cyberattackers had a great 2014. Here’s how to stay ahead of them in the second half of 20... 2014 was a banner year for cyberattackers, but not security. The high-profile data breaches of last year prove that antivirus is not enough, and the n...
Is your data safe with your employees? Maybe not. Though your company’s sensitive data is closely guarded, locked away behind firewalls and password-protected portals, there’s another threat that shou...

Submit a comment:

Your email address will not be published.

Please note: All comments will be moderated

nineteen − 15 =