18 Sep 4 Trends Shaping Cybersecurity in 2017
The threat of cyber attacks is increasing every day. Make sure you are up-to-date with all the recent news and trends happening in the world of cyber security so you can stay informed on how to protect yourself from cyber threats. Check out this great column by Denny Jacob from Property Casualty 360 and find out about the top 4 trends impacting cybersecurity this year.
No. 4: Growing areas of concern
Organizations with a chief information security officer (CISO) in 2017 increased to 65 percent compared to 50 percent in 2016. Staffing challenges and budgetary distribution, however, reveal where organizations face exposure.
Finding qualified personnel to fill cybersecurity positions is as ongoing challenge. For example, one-third of study respondents note that their enterprises receive more than 10 applicants for an open position. More than half of those applicants, however, are unqualified. Even skilled applicants require time and training before their job performance is up to par with others who are already working on the company’s cybersecurity operation.
Half of the study respondents reported security budgets will increase in 2017, which is down from 65 percent of respondents who reported an increase in 2016. This, along with staffing challenges, has many enterprises reliant on both automation and external resources to offset missing skills on the cybersecurity team.
Another challenge: Relying on third-party vendors means there must be funds available to offset any personnel shortage.
If the skills gap continues unabated and the funding for automation and external third-party support is reduced, businesses will struggle to fill their cybersecurity needs.
No. 3: More complicated cyber threats
Faced with declining budgets, businesses will have less funding available on a per-attack basis. Meanwhile, the number of attacks is growing, and they are becoming more sophisticated.
More than half (53 percent) of respondents noted an increase in the overall number of attacks compared previous years. Only half (roughly 50 percent) said their companies executed a cybersecurity incident response plan in 2016.
Here are some additional findings regarding the recent uptick in cyber breaches:
• 10 percent of respondents reported experiencing a hijacking of corporate assets for botnet use;• 18 percent reported experiencing an advanced persistent threat (APT) attack; and
• 14 percent reported stolen credentials.
• Last year’s results for the three types of attacks were:
• 15 percent for botnet use;
• 25 percent for APT attacks; and
•15 percent involving stolen credentials.
Phishing (40 percent), malware (37 percent) and social engineering (29 percent) continue to top the charts in terms of the specific types of attacks, although their overall frequency of occurrence decreased: Although attacks are up overall, the number of attacks in these three categories is down.
No. 2: Mobile takes a backseat to IoT
Businesses are now more sophisticated in the mobile arena. The proof: Cyber breaches resulting from mobile devices are down. Only 13 percent of respondents cite lost mobile devices as an exploitation vector in 2016, compared to 34 percent in 2015. Encryption factors into the decrease; only 9 percent indicated that lost or stolen mobile devices were unencrypted.
IoT continues to rise as an area of concern. Three out of five (59 percent) of the 2016 respondents cite some level of concern relative to IoT, while an additional 30 percent are either “extremely concerned” or “very concerned” about this exposure.
IoT is an increasingly important element in governance, risk and cybersecurity activities. This is a challenging area for many, because traditional security efforts may not already cover the functions and devices feeding this digital trend.
No. 1: Ransomware is the new normal
The number of code attacks, including ransomware attacks, remains high: 62 percent of respondents reported their enterprises experienced a ransomware attackspecifically.
Half of the respondents believe financial gain is the biggest motivator for criminals, followed by disruption of service (45 percent) and theft of personally identifiable information (37 percent). Despite this trend, only 53 percent of respondents’ companies have a formal process in place to deal with ransomware attacks.
What does that look like?
Businesses can conduct “tabletop” exercises that stage a ransomware event or discuss in advance decisions about payment vs. non-payment. Payment may seem like the easiest solution, but law enforcement agencies warn it can have an encouraging effect on those criminals as some cases lead to repeated attacks of the same business.
Many cybersecurity specialists argue that the best way to fight a ransomware attack is to avoid one in the first place. Advance planning that might include the implementation of a governing corporate policy or other operating parameters, can help to ensure that the best cybersecurity decisions are made when the time comes to battle a breach.
See the original article Here.
Source:
Jacob D. (2017 August 25). 4 trends shaping cybersecurity in 2017 [Web blog post]. Retrieved from address https://www.benefitspro.com/2017/08/25/4-trends-shaping-cybersecurity-in-2017?ref=hp-in-depth&page_all=1