1. Ransomware; still a problem
Ransomware is malicious software that seizes control of a computer or dataset in exchange for financial gain. Once the ransom is paid, control of the computer or dataset is returned to the owner. According to recent study by Verizon, 92 percent of ransomware is delivered via email.1 To stay ahead of the threat, organisations should implement user training and maintain up-to-date antivirus software and endpoint devices.
2. Phishing is becoming more devious2
Phishing scams appear on face-value as legitimate email communications from a trusted source, typically a bank, telco, or government agency. However, it’s merely a hoax to coax the user into clicking on a link that contains some form of malware. These scams are very much focused on extracting sensitive and personal information like passwords and credit card details. In the past they have been quite simple to identify, however over time cybercriminals have become increasingly adept at creating legitimate looking emails. Tools like HP Sure Click are a good means of enabling an extra layer of security to minimise the risk of phishing.
3. SMB’s embrace artificial intelligence (AI)
AI uses machine learning algorithms to develop educated recommendations that allow you to make immediate and intelligent decisions.3 With the number of daily threats climbing into the 10s of thousands and beyond depending on the organisation, expect to see machine learning only grow as a means of thwarting cyber security threats.
4. Outsourcing security services
Time and resource poor small and medium sized businesses (SMBs) are turning to as-a-service models as a means of developing and maintaining their security posture. Through adopting models like HP Device-as-a-Service (DaaS), businesses can combine, hardware, analytics, proactive management and services for every stage of the device lifecycle. Endpoints remain secure and internal teams have more time to focus on what matters most.
5. Cyber security insurance is becoming a thing
The numbers are there for all to see; as many as 60 percent of SMBs that suffer a data breach or security incident go out of business within 6 months.4 The landscape is constantly changing with new threats emerging by the hour, and as such, it’s time for organisations to start considering cybersecurity insurance. The options are a plenty.
6. Employee security awareness and training
According to a recent report by the Ponemon Institute, of the SMBs that suffered a data breach, 54 percent were a result of negligent employee practises – an increase of 48 percent from the previous year.5 Employees must have the skillset to acknowledge a potentially malicious link or email, as well the understanding to follow best-practice password management protocols.
7. Security begins at the endpoint
Security must be a holistic approach across the organisation, from top to bottom. In the digital era employees work from anywhere, at any time, and on any device. This poses an endpoint protection issue, because they could be accessing critical information on unsecure networks. As a potential entry point, endpoint security is paramount, from laptops, to mobile devices, right through to printers. There are ways of mitigating the risk, for example; HP’s Sure Suite of hardware-enforced security features work to protect your endpoint from a multitude of threats.6
8. Multi-factor authentication and password management
Correct password management and multi-factor authentication (MFA) may be one of the most underutilised elements of cybersecurity. Passwords are a critical component to any cybersecurity strategy, however, in the recent Ponemon Institute report, 59 percent of respondents advised they had zero visibility into employees’ password practices.7 To reduce risk, password management systems can be implemented which generate random passwords with zero double-ups, while MFA requires the use of two or more independent credentials to prove a user’s identity.