One of the challenges of implementing reliable cyber security is that the finish line keeps being moved. As security measures continue to improve, so do the methods and tools of cyber criminals.
There is a range of possible threats to be aware of when it comes to keeping your organization cyber secure. Here are five potential risks that industry experts believe businesses should heighten their awareness of in 2020:
- Ransomware—Ransomware attacks can be among the most expensive for your company to have to deal with. Ransomware refers to a type of malware that can breach and encrypt the victim’s files. The victim is then forced to make a ransom payment in order to regain access to their data. In addition, some attackers may also extort your company, and threaten to disclose or sell your data. Companies are advised to regularly back up all critical data and keep the backups separate from the rest of your network.
- Phishing—Phishing emails continue to be one of the most common causes of data breaches. This threat refers to fraudulent emails that intend to trick employees into revealing sensitive information. In 2020, phishing kit developers are expected to make it even easier for potential attackers to launch phishing campaigns. Be certain that employees are trained in anti-phishing practices and that training is regularly updated.
- Personal device attacks—According to a 2019 Kaspersky report, approximately half of all companies reported malware infections on employee-owned devices. With businesses continuing to increase flexibility for employees to use personal devices for work-related tasks, attackers may start targeting personal devices more heavily as a means of bypassing corporate cyber defenses. Adequate and up-to-date training is necessary for your employees. Companies should review and update their policies as they pertain to personal devices as well.
- Third-party suppliers—According to a survey by One Identity, 94% of organizations provide third-party suppliers with access to their network. What’s more, 18% of organizations reported that a third party was to blame for a data breach. With digital connections between businesses increasing, the risk of a data breach occurring because of a mistake by someone outside of your company is also on the rise. Establish a strict security policy for all third-parties that access your network, and closely monitor that each user is only given the permissions they need.
- DDoS attacks—While not as notorious, DDoS attacks are about as common as ransomware incidents. Network speed increases, such as the wider release of 5G, also mean that DDoS attacks can be more difficult to stop. Have your IT department or contractor inspect devices for possible misconfigurations or vulnerabilities, and be certain that your employees are following your cyber security policies.