Introduction
The cybersecurity landscape is constantly changing. While new risks are emerging that affect corporations across a variety of industries, many of the long-standing threats continue to take priority. New malicious actors are targeting our institutions, but their methods do not necessarily differ from what we have seen in previous years. The ongoing transition to Internet of Things (IoT) environments (networked devices throughout homes and workplaces) is well under way, and that only means more interconnected systems have the potential to be compromised. The list below consists of items that could lead to the loss of confidentiality, integrity and availability of sensitive data and critical business processes. Here is a cheat sheet you can use to brief your CEO on the current and emerging cyber landscape.
Current Threats, Risks, Buzzwords and Items Worth Noting
Malware
Malicious software, that is, any program designed to run on a system without the owner's consent, used to gather information, slow down or disable machines, or disrupt business processes. Ransomware (below) is one specific form.
Ransomware
Ransomware is a specific type of malicious software that typically reaches a machine when an end-user opens a malicious attachment, clicks a malicious link, or visits a hijacked or infected site. Once it runs, it encrypts the files on the machine (and often on any network shares it can reach) and offers to provide the decryption key for a fee. If the ransom remains unpaid within a set time-frame, the attackers commonly raise the price or destroy the decryption key, and some variants delete the files outright, leaving them unrecoverable. Paying does not guarantee recovery; regularly tested backups kept offline or otherwise out of reach of the infected machine are the most dependable defense.
Phishing
Attackers send fraudulent emails to end-users that impersonate a familiar contact or trusted organization. The goal is to get the recipient to open a malicious attachment, click a link that installs malware or leads to a fake login page that harvests credentials, or act on a false instruction such as a request to transfer money.
Distributed Denial of Service (DDoS)
A DDoS attack happens when an attacker floods servers or network links with more traffic than they can handle, knocking them offline. This is usually done with a botnet: a network of compromised internet-connected computers (increasingly IoT devices as well) that the attacker controls and directs to send traffic at a chosen target.
Insider Threat
Insider threat is a term that refers to risk originating from an employee, contractor or other person with legitimate access to an organization's systems. The insider may be acting maliciously or merely negligently. Common threat avenues include an insider bringing malware onto the network or attempting to exfiltrate sensitive data. Employees can also visit infected websites or plug in an external storage device found on the ground because they lack security awareness training.
Business Continuity/Disaster Recovery Planning
Understanding and devising a plan to ensure that, should an outage occur, failover is in place and critical business processes are not disrupted is key to an organization's survival. Companies should establish a recovery point objective (RPO), which defines the maximum amount of data loss tolerated, measured as the time between the last usable backup and the outage, and a recovery time objective (RTO), which is the maximum amount of downtime allowed for information systems. Defining these helps quantify disaster tolerance: for example, an RPO of four hours requires backups at least every four hours, and an RTO of eight hours means systems must be restored within eight hours of an outage.
Incident Response
Composing an incident response plan and training staff on the steps to respond is crucial. Incidents happen, and without a plan, recovery can be chaotic or impossible. Tabletop walkthroughs of the plan are a great way to familiarize employees with what is defined as an incident and what steps should be taken for containment and remediation.
Vendor Management
Recognizing which vendors are important to an organization's survival, and which vendors hold or process your sensitive data, is an important pillar of a strong information security strategy. Vendor risk assessments should be performed before a vendor is onboarded and repeated periodically, and companies should compose and follow a vendor management policy.