We’re slowly winding down to the end of Cyber Security Month and with that we move closer to the end of our Cyber Security mini-series.
This week’s topic focuses on our thoughts about that current Cyber Security trends, with trends chosen that affect Cyber Security professionals, as well as cyber criminals.
It’s no secret that Automation is becoming more important to businesses across a range of departments. The Cyber Security industry is no different.
A Ponemon Institute survey (from over 1,400 IT and IT security practitioners), showed that from the 79% of responses they received, 29% currently use automation platforms and tools and 50% plan to start implementing automation tools within the next 3 years.
The benefits of automation vary by the tools and platforms used. They can help perform a range of tasks, such as collecting data, performing vulnerability assessments and keeping assets patched and updated.
The reason there is a shift towards automation (besides the obvious saving of employee time and resources), is to reduce the strain felt by often understaffed IT and Cyber Security teams. This gives organisations some breathing space while sourcing members of a Cyber Security team. Automation is not the best solution – having a dedicated, well-trained and highly-qualified team, is a much better solution.
As you will no doubt be aware (and may have experienced this first-hand), phishing is one of the most common Cyber Security trends in 2019. Although phishing via email has been around for a very long time, there is a change in the way cybercriminals are utilising phishing, including:
SMiShing - through SMS text attacks.
Vishing – via phone call (fake PPI calls).
Also, through social media platforms, like on LinkedIn and Facebook.
The end goal of phishing is to trick someone into sharing their personal details (such as log in credentials), or directly ask for money.
This is a no-brainer! As our use of social media and apps increase and our time on our phone’s increases, so will the means and ability to commit cybercrimes targeting these devices increase.
More importantly, our phones crossover between work and personal use, so there’s the chance that a cybercriminal can target both you and your organisation through that one device. Therefore, it’s important to keep up to date with Cyber Security trends.
According to the RSA Quarterly Fraud Report, mobile fraud has seen a 680% spike since 2015. This is a pattern we’re likely to see continue to rise, I’m afraid.
Read the other articles in our Cyber Security Month mini-series for more information:
The advice found here can help you with hints and tips to keep you and your organisation safe from cybercrime.
May 2018 saw in rollout of the EU’s General Data Protection Regulation (GDPR). Organisations could no longer ignore the fact that things were changing from a data and compliance perspective and more than a few organisations must have been concerned, hoping to become fully compliant and not make any mistakes, which they knew would result in a hefty fine!
Overall the purpose of GDPR was to create regulations that protected consumers data but also to hold those businesses accountable, should they breach this protection of data.
For the most part, compliance involves telling users how their data would be used, giving the individuals the right to be forgotten and have their data only stored for specific, admin reasons.
Ransomware is a type of malware, which threatens to publish data or block access to it, unless a fee is paid.
The good news for consumers is that Ransomware attacks on consumers are down this year.
However, the same can’t be said for businesses. Malwarebytes reported that:
“Ransomware has made a tremendous comeback against business targets in Q1 2019, with an increase of 195 percent in detections from Q4 2018 to Q1 2019. In comparison to the same time last year, business detections of ransomware have seen an uptick of over 500 percent, thanks in large part to a massive attack by the Troldesh ransomware against US organizations in early Q1.”
The rate of Ransomware attacks against businesses has increased year on year, which really highlights the need to have a good Cyber Security team in your business, such as an Ethical Hacker or Penetration Tester.
If you thought that the government was safe from attack, you’d be wrong. There have been over 170 Ransomware attacks on local governments since 2013, with 53 reported in 2018 and 21 reported in the first part of 219 alone!
With 2019 quickly wrapping up and 2020 on the horizon, the message seems to be apparent…. Be careful, both on your own devices and with your company hardware. Ensure you have the correct and most updated cybersecurity software in place and make sure you’re sensible with your own and company information. Better yet, help your current IT teams to become qualified Cyber Security professionals, through our range of CompTIA and EC-Council qualifications. Contact us to get enrolled today.