Every year sees dozens of lists of top security issues. One major publication will tell you the Internet of Things, cutting edge DDoS attacks, and social media hacks are the top threats. Another will tell you they are nation-state actors, data destruction, and extortion. These were our predictions for this year.
There is little crossover; these lists are subjective by their very nature. That's why a security survey of your company and system is so important—each company has a different threat profile.
To help narrow it down, here are some of the most common threats you will likely face.
Zero-day exploits: These are undiscovered vulnerabilities in software like, famously, Flash. Zero-day exploits are so valuable to hackers that they are bought and sold like stocks on darknet sites. If your security strategy for developer-issued patches against such problems is “when we get around to it,” make it a priority.
DDoS attacks: Distributed denial of service is an extremely common type of attack. DDoS attacks are easy to launch, off-the-rack software is available on the darknet to do so, and the major requirement is malice, not tech chops.
Inside jobs: Because no one knows your system, its vulnerabilities, the type of logins and passwords you use, like an employee—ex-, disgruntled, or both—many instances of compromise come from someone with an axe to grind and knowledge of where the wood is stacked. Basic security discipline, including on account cancellations and passwords, is integral to safeguarding against internal attacks.
Devices: The portability of digital devices means an increase in productivity and communications, but it also means heightened risk. Someone might leave a mobile phone straining at the seams with secrets sitting on the train or a laptop with an entire database in an overhead compartment. Criminals much prefer being handed all the information they need to compromise your system than having to laboriously hack away to get at it.
To combat these risks, create a company-wide security culture. You can augment those defences with EiQ's software, too. Not only will EiQ’s security monitoring technology and managed services cut through the clutter to rank and eliminate the most critical threats, it will also augment your in-house team with 24/7 monitoring.
Top photo credit: Robert Kneschke/Shutterstock