This article was first published in Nexia Global Insights, April 2019.
In today’s security landscape, businesses need to focus not only on external cyber attacks but internal vulnerabilities that can lead to physical and digital information threats.
Every year almost 1% of global GDP – as much as U.S.$600 bn – is lost to cybercrime according to McAfee and the Center for Strategic and International Studies.
Monetisation of stolen data is now easier because of the use of digital currencies and increased sophistication of cybercrime black markets.
So, it is more important than ever to run businesses securely with threats becoming more complex and cyber attackers more persistent. SMEs are increasingly becoming cybercrime targets, although banking remains the sector most at risk.
Most threats involve attacks from multiple sources. These include targeted phishing attacks against employees, advanced persistent threats (stealthy attacks on networks), ransomware that demands a fee to unlock a locked computer, hard to detect malware, denial-of-service attacks and increased mobile usage by employees. Additionally, viruses, trojans act as back doors to hackers.
The Threat Within
However, a major security vulnerability for any company comes from within: its employees.
Greater focus is needed on insider threats caused by employee negligence or malfeasance – including lost laptops and disclosure of information – or deliberate actions of rogue employees.
Hackers use increasingly sophisticated AI-generated ‘phishing’ emails to trick employees into handing over passwords and other sensitive data to break into a company’s network.
Shadow IT – the unsanctioned use by employees of software as a service (SaaS) applications like Google Apps, Dropbox, Salesforce, Cisco WebEx, Concur, GoToMeeting and other cloud services – is a very serious and growing threat to IT compliance and cyber security.
Additionally, employees may set up their own cloud servers to process and store an organisation’s data, leading to potential compliance violations and data breaches.
Cryptojacking or cryptomining malware is used to hijack software and hardware for data mining purposes. It contaminates internet-connected computers and hardware, mobile devices and servers via various invasive methods including ‘drive-by’ scripts on websites.
This can be combated using ‘endpoint detection and response’ and ‘managed detection and response’ tools, that are expected to see increasing advances and usage over the next couple of years.
Furthermore, machine learning and business intelligence technology will play a critical role in gathering intelligence to make decisions and execute changes to minimise an organisation’s cyber-risk.
Cyber breaches are significant business risks because of the impact they have on an organisation’s reputation and profitability.
It is therefore essential that businesses integrate IT security into every leadership and business decision to keep pace as cyber threats evolve.
For Cybersecurity advice, please contact:
Director, Forensic & Litigation Support Services,
Cybersecurity & Technology Advisory
Article contributed by Nexia International firms:
Nexia SJ, Tanzania