Get Defensive: 5 Critical Cyberthreats to Plan for Now
Threats and factors that every organization must be aware of
Articles published November 22, 2017 by Rob Griffith
There are a multitude of cyberthreats, concerns, and attacks that continue to disrupt businesses on a daily basis. To help better understand the threat landscape, Fortinet recently revealed the top five threats and factors that every organization must be aware of. Here are the five areas:
- Internet of Things
- Cloud Adoption
- Ransomware
- Secure Sockets Layer (SSL)
- Cybersecurity Skills Shortage
Let’s go through each one and properly identify how they’re impacting organizations today.
1. Internet of Things (IoT)
IoT is the concept of connecting various products and devices to the internet, and to each other. This is more than just the devices you’d expect, like cell phones and tablets, but everything from TVs, to lamps, to your thermostat. For instance, when you wake up in the morning, your alarm clock could notify your coffee maker to start brewing a fresh pot. There are also commercial IoT devices that are used for business purposes such as medical devices, trackers, inventory controls, and manufacturing systems.
Why should you care? Because new IoT devices are being connected and turned on at an alarming rate. According to a Fortinet IoT report, more than a million new devices are going live every day. By 2020, it’s predicted that there will be somewhere between 25 – 50 billion IoT devices online. That’s a lot of devices!
When it comes to security, IoT devices are lacking. Most IoT devices don’t handle updates or patches. In fact, Fortinet’s IoT report predicts 25 percent of cyberattacks on enterprises will be through IoT by 2020.
To secure your IoT devices, you should first take a complete inventory of them. Start by documenting every single IoT device your organization uses and make a comprehensive list. Update this list as you add more devices, and stay on top of it.
Once you’ve done that, it’s time to secure them. Here are four things you can do to better protect your IoT devices:
- Consider upgrading your defenses and functions. Implementing advanced defenses and solutions can increase your security. Enterprise firewalls, including internal segmentation firewalls, advanced threat protection, network monitoring, and mobile device management solutions, can all help efforts to minimize risks and threats.
- Get security information and event management (SIEM) technology. SIEM is a security management tool that gives a holistic view of an organization’s IT infrastructure and security. It helps organizations look at their data from one point of view so that abnormal trends or patterns can be spotted easily.
- Encrypt your IoT data. Another way to protect your IoT devices is to encrypt IoT data at rest or in transit. However, this can be complicated and difficult because of IoT device encryption limitations. Find a solution that effectively encrypts the data, giving you peace of mind that your data is protected while being transmitted.
- Implement IoT authentication. Boost your security even more by requiring users to authenticate their identity. This could be single-factor authentication, like a password or a PIN, or two-factor authentication.
After you’ve secured your devices, it’s time to manage them. Create a plan and policies to determine how these devices are going to be managed. If left unchecked with no rules or guidelines, people may misuse them and inadvertently cause data breaches that could’ve been avoided. A strategic device management plan and device management technology can go a long way to minimize the risk of a breach.
2. Cloud Adoption
The cloud often refers to data centers that are connected to the internet, housing servers (and other IT infrastructure) used for hosting software applications and storing data. Cloud computing, as defined by the National Institute of Standards and Technology, is “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Research from Fortinet revealed that 95 percent of all enterprises use the cloud, and 71 percent use a hybrid cloud. However, managing and controlling data in the cloud can be difficult, which makes it complicated to secure. Fortinet also reported that “49 percent of enterprises indicate that their adoption of cloud services has been slowed due to the lack of cybersecurity skills in their organization.”
How do you secure your data in the cloud? Read our article on data security and discover the seven ways to make it a reality.
3. Ransomware
By now, you’ve probably heard of the term ransomware. In the cyberworld, ransomware is a constantly evolving and growing threat. Ransomware is a form of malware that “kidnaps” access to your network, applications, or data until a certain amount of money is paid by the victim. It does this by encrypting certain data so you can’t get to the information, or by blocking access to systems and applications. Ransomware usually infects your computer or device through a Trojan delivered by phishing emails or malicious programs on a website. Once it is installed, a ransom message usually pops up when the user restarts their device.
The statistics on ransomware are startling. The FBI expects the ransomware industry to reach $1 billion for cybercriminals this year, and the government reports that more than 4,000 ransomware attacks happen every day.
According to a Ponemon Institute report, 56 percent of organizations are not prepared to fight ransomware attacks.
An IBM study discovered that almost half of the respondents had experience with a ransomware attack, and 70 percent of those ended up paying the hacker to recover their stolen data. Out of that 70 percent, 20 percent paid $40,000+, 25 percent paid $20,000+, and 11 percent paid $10,000+.
Fortinet revealed that 63 percent of organizations attacked by ransomware suffered from “business-threatening downtime.”
Your organization needs to be proactive in how it approaches ransomware. Here are eight steps to ensure your organization is prepared for an attack:
- Employee awareness: Educate your employees on how to identify phishing emails, malware, and ransomware. The number one element to ransomware’s success is the human element. Continuous education and testing of employees’ understanding through internal phishing campaigns are crucial pieces to the ransomware solution.
- Back up regularly: Make sure you’re backing up data on a regular basis. Verify and test your backups periodically to ensure they are operating as planned and can be efficiently restored.
- Have a plan: Having a plan in place is essential for preparedness. This plan should thoroughly lay out response and solution details, should your organization fall victim to an attack.
- Update and patch regularly: Make patches and updates on your system, software, and firmware a frequent occurrence.
- Limit administrative access: Don’t allow employees to have administrative account access. This will minimize and restrict the extent of an attack.
- Have software restrictions: Prevent ransomware attacks from infiltrating and running common programs with a software restriction policy, or put access controls in place.
- Eliminate macros: Macros automatically perform frequent tasks, but they can be disabled. Disabling macros will ensure malicious content doesn’t automatically load.
- Block internet ads: Many third-party ads have some type of malware. It’s best to avoid the risk by disabling all internet ads on devices.
4. Secure Sockets Layer (SSL)
SSL is the security protocol that creates an encrypted connection between a server and a web browser. If you’ve accessed a website with a lock icon next to the URL, then you’ve been on a site that is secured with an SSL certificate.
The problem is that hackers also use SSL maliciously, disguising malware and other traffic inside encrypted connections and pushing it through to organizations. To ensure that nothing malicious is coming in through SSL, organizations must inspect every single piece of traffic, which is very time-consuming and complicated.
5. Cybersecurity Skills Shortage
With the recent emergence of new cyberthreats come new cybersecurity solutions. On one hand, this is good; however, these fast-evolving cybersecurity solutions create a cybersecurity skills shortage for a lot of organizations. While it’s important to have cybersecurity plans and technologies in place, you also need trained experts or reputable third parties managing these efforts.
Information Systems Security Association and Enterprise Strategy Group found that 70 percent of organizations surveyed have suffered from the cybersecurity skills shortage. Of that 70 percent, 54 percent said they were attacked because they didn’t have cybersecurity people trained and in place.
This problem isn’t addressed very often, but having the right people managing your cybersecurity efforts is essential to protecting your organization.
There are so many cybersecurity options to consider and implement that it can seem overwhelming. Third-party technology providers can offer a variety of skills and expertise to help monitor and manage your network and data. This can ease your burden and free up internal resources to focus on other core initiatives.
However you choose to tackle cybersecurity, these five threats need to be addressed in your organization’s security plan. They can be the difference between losing your data or keeping it.
How are you enhancing your organization's cybersecurity efforts?