What are the biggest threats for enterprises in 2018?
The biggest threat is the growing complexity of the enterprise technology landscape.
Today’s enterprises are dealing with numerous security solutions from a multitude of vendors. This complexity creates the potential for unintended gaps in protection and creates inefficiencies in the incident response process, all at a time when skilled security analysts are in critically short supply, and time to detection and remediation is one of the most important measures of security effectiveness.
The rapid adoption of IoT devices, with a myriad of security weaknesses, is also of particular concern. The Talos threat research team at Cisco expects these devices to play a central role in the escalation of attack campaigns against enterprises.
What are the most critical moves an organization should make?
- Know what your critical assets are and have a plan for protecting them. Also, make sure a programmatic plan is in place to keep IT gear patched and software updated to reduce the risk of successful attacks.
- Security is a team sport. From the Board of Directors on down, everyone has a role in protecting these assets. Make sure each person knows their position and how to play.
- Understand the security solutions you have in place — their capabilities, limitations and how to use them effectively.
- At some point you will need outside help. Ensure you have established relationships with your solution vendors. Have agreements in place with incident response firms, before you need them.
- Always be learning. Regularly evaluate the effectiveness of your defenses and security training programs and adapt as necessary.
What else should we be focused on?
Improving detection and response times. A few ways to accomplish this include simplifying your security infrastructure, interconnecting systems, learning to leverage security data more effectively and employing automation where possible.
What’s on the horizon?
Continued regulatory growth, with GDPR (General Data Protection Regulation) in India and Europe for example, as data privacy regulations continue to evolve. Email authentication requirements in the U.S. public sector will spill over into the private sector. And we’ll likely continue to see an uplift in ransomware attacks against enterprises and consumers.
IoT-based vulnerabilities are shaping up to enable unprecedented attacks. Cisco threat researchers expect 2018 to be the year of “destruction of service” attacks, in which IoT will certainly play an active role in attempts to debilitate enterprises beyond repair.
On the adversary side, the cyber black market has evolved into a mature and specialized division of labor centered on researching a vulnerability, creating an exploit, servicing that exploit, providing attacks and providing customer services toward that attack — it’s an incredible level of sophistication and mature business practices.
How can we best protect our enterprises?
Be proactive about security. Make sure everyone knows their role and practices until it is second nature. Encourage an environment of healthy skepticism. Ensure your business partners understand their role and your expectations with regard to your security and theirs.
Collaborate — with industry partners, government, even competitors. Sharing information and knowledge is one of the best ways to stay ahead of adversaries. At Cisco, we have the Security Technology Alliance Program, which helps us to collaborate with other solution providers and ensure that products from different vendors share information and work effectively to detect and manage threats. A great example is the work that Cisco and Xerox are undertaking to help organizations across multiple industries achieve a better state of security.