The biggest IT security threats and how to prevent them
If the news is any indication, IT security (or the lack thereof) is a growing concern among companies of all sizes. In the wake of reports that Chinese hackers are engaging in commercial cyber-espionage, some companies are calling for a go-ahead to hack right back when they fall victim to such security threats. Breaches by hackers from Syria, Iran, and other countries around the world signal the need for a new approach to guarding IT infrastructure.
But even beyond hackers, there are a number of threats to corporate IT systems that can disrupt business and gouge bottom lines. Let’s look at some of the major threats and how companies of all sizes can mount a defense to keep their systems secure.
Top four IT security threats
From outsiders to your own employees, here are definitions of four of the most common threats to corporate networks:
- Hackers. One of the oldest and most commonly understood threats, hackers work as individuals or groups to leverage weaknesses in an organization’s IT infrastructure to gain access to its systems. Through the years the threat has evolved dramatically, from young pranksters seeking little more than bragging rights to today’s organized groups of cyber criminals stealing financial and proprietary information for financial or political gain. Today’s hackers use both manual and automated processes to break into an organization’s IT infrastructure.
- Malware. Malware refers to any type of malicious software used to infiltrate private computers or networks in order to gain access to sensitive data. Malware is also used to slow down system performance by utilizing memory, CPU, and other system resources. Wikipedia offers a comprehensive list of the different types of malware, including computer viruses, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious browser plug-ins, and rogue security software.
- Advanced Persistent Threats (APTs). In an advanced persistent threat, an unauthorized entity (typically an organized group) leverages multiple techniques to penetrate an organization’s network. These attacks are slow and steady, with the perpetrators taking months, even years, to extract private data and complete their mission. ISACA recently found that one in five enterprises has experienced an APT attack and 63 percent believe an APT attack is inevitable.
- Employee misuse. Oftentimes an organization’s biggest threat from a data exfiltration standpoint is the organization’s own employees. The offense can be intentional — a disgruntled employee stealing corporate secrets or company records for use at a new job — or unintentional — a star performer emailing sensitive data to his or her home computer to finish work over the weekend. Either way, the company is at risk of losing data that could cost it market share, cause reputation damage, or lead to regulatory fines.
Cost of a security breach
An organization’s size, vertical, or prominence in the public eye doesn’t matter; all organizations are susceptible to these threats. And they’re growing increasingly costly. A study commissioned by Solera Networks found that the average cost of a malicious data breach is $840,000. Non-malicious breaches were found to be less costly at $470,000, but that’s still no small change.
More alarming is how long security breaches go undetected. On average, a malicious breach takes nearly three months to uncover. What’s more, one third of malicious breaches aren’t even detected by an organization’s own security defenses. Instead they’re discovered by a third party or by pure accident.
How to beef up cybersecurity
These statistics, along with the sheer volume of potential access points into an organization, highlight the importance of a defense-in-depth approach to IT security. In a defense-in-depth security strategy, an organization applies multiple layers of security controls throughout its IT environment. This approach provides redundancy so that if an individual security control or a group of controls fails, there are other protections in place to safeguard against potential vulnerabilities.
At SHI, we have developed a Security Posture Review to help customers determine just how in-depth their security strategy is. Through a series of assessments, we evaluate the strength of customers’ external and internal systems, firewall and perimeter security mechanisms, and remote access authentication to uncover flaws and promote a more comprehensive and impenetrable security system.
Specifically we look to identify infrastructure with default passwords or user IDs, outdated infrastructure software releases or patches, weaknesses in perimeter security such as outdated firewall rules, unusual Internet traffic origination and destination addresses, sensitive data leaving the internal network, and other vulnerabilities.
Our goal is to uncover any holes that might exist in an organization’s security strategy and analyze them based on the probability that they will lead to a system compromise or attack. From there we work with customers to develop a tactical and strategic plan that addresses the security concerns identified during the assessment and fortifies the organization’s IT environment against unauthorized use or attack.
Now that the complexity and frequency of security breaches are on the rise, every company should be taking steps to secure its systems and data. An organization’s best defense is to maintain a transparent understanding of its security strengths and weaknesses and to apply multiple layers of protection. With more confidence in their IT security, companies can move forward with a renewed focus on their business goals.