IT security is a top priority for many businesses right now. The volume and complexity of threats is constantly increasing and the cost of becoming a victim can be high. According to a 2017 study by the Ponemon Institute, data breaches cost UK organisations an average of £2.48 million. From financial loss through to reputational damage, IT threats can have serious impact for businesses large and small. In 2018, there are five key threats to focus on.
It has become one of the oldest tricks in the book with respect to enabling hackers and cyber criminals to get access to information and systems - and phishing is still a huge threat for this year. In fact, according to Verizon's Enterprise Solutions division, 90% of data breaches monitored in its study were the result of phishing. Mobile users are even more susceptible to phishing (three times more susceptible according to IBM). As more businesses allow employees to connect their own devices to networks it’s becoming even more crucial to ensure that those employees are trained to spot the difference between genuine and phishing messages and mail.
The Internet of Things (IoT)
In itself, the IoT doesn’t represent a security threat to your business. However, there is a risk when multiple devices are interconnected and some are not being regularly updated to ensure vulnerabilities don’t exist. Most devices don’t update automatically and this can create a seriously weak link in the IoT chain that is exploitable by those with bad intent. Strongly worded policy on keeping software and devices updated – and an awareness of the consequences of not doing so – is a must.
It’s not just in the digital world where IT threats exist for business. Device security is a big problem – around a third of participants in a Ponemon Institute study said that their work device had no process in place to secure accessible corporate data. Many devices had no basic security – such as PIN access – and, as the devices were work devices, where there were passwords being used, many of those in charge of the devices were in the habit of sharing those passwords. Robust device use policy is an IT security basic, as are security measures such as biometric security and encryption.
Data loss and leakage
Many of the issues of data loss and leakage arise, not because of sinister third parties with negative intent, but because of bad choices made by users. Poor decisions about which apps can see and transfer user information, as well as user error are seen as a key threat to IT security for 2018. Education and monitoring have a crucial part to play in mitigating against this threat but there are also data loss prevention tools available.
Public Wi-Fi networks
Corporate devices use public Wi-Fi networks three times as much as private – and often those networks are open and insecure. An enterprise-class VPN that encrypts traffic is going to become increasingly crucial for businesses looking to protect against the malicious actions that can result from employee use of non-secure public Wi-Fi networks.
We are IT infrastructure specialists with more than 20 years’ experience – contact us to find out how your business can protect itself against these key IT security threats this year.