It was nearly impossible to look at a newspaper or media outlet in 2014 without seeing a story about cybersecurity. Various news organizations had their home pages and Twitter accounts vandalized, 233 million eBay users had their account info comprised, and Sony Pictures suffered a high profile attack that compromised most, if not all, of its company data.
These incidents don’t follow one specific pattern or method, but include a combination of human error and full-on attacks. It’s safe to say: cybersecurity needs to be a priority in 2015. With that in mind, here are a few things to keep in mind this year.
You don’t have to be a big company to be targeted
No company was too big or small to be targeted in 2014. It’s easy to become desensitized by reading about hacks that affect other companies, but now is the time to review your own company’s security procedures. When’s the last time you changed your password? How many people in your company have access to sensitive information? How do you store that information? If last year’s numerous attacks still aren’t convincing, according to a study done by the Ponemon Institute, 51 percent of CEOs have said that their companies come under cyber attack daily or hourly.
Much like excellent security software has become more readily available, so have black market hacking tools. Cryptolocker made an estimated $3 million off of ransoming people’s computers, while the newly launched Hackers List is a hackers-for-hire marketplace.
Some companies are not only allowing, but encouraging their employees to bring their mobile phones to work. Bring Your Own Device (BYOD) is quickly becoming the norm, with 60 percent of companies already allowing their employees to bring their own devices to work to access company data. This has obvious benefits and drawbacks. Companies save cash on tech, and employees are already comfortable using their own phones.
On the flipside, companies are adopting BYOD policies faster than they’re adapting security policies. If companies don’t adjust security plans to include policies on employee-owned devices, a new form of BYOD hacks are sure to pop up.This becomes even more problematic when you consider…
Whether you like it or not, the Internet of Things is coming
If CES 2015 was any indication, companies are pouring tons of cash into the Internet of Things (IoT). Although it may sound like an odd buzzword, the idea of having all devices connected is actually within reach, and there’s a massive commercial push towards it. There’s tremendous potential, both good and bad, for companies to have devices that can communicate with one another. From being able to monitor your utility expenses via smart thermostats, to a USB charger that sniffs keyboard strokes, the possibilities are staggering.
Stay informed and be sensible
Don’t be nervous about businesses moving towards BYOD and IoT; embrace it. In fact, the potential benefits of these practices and their accompanying technologies is tremendous for enterprise. Keep in mind, most hacks that make it into the media aren’t from sophisticated hacking software; they’re generally a result of human error. Someone doesn’t pay attention to the url at the top of their browser and sends their credentials to a Twitter-esque phishing site, a suspicious file is accidentally downloaded onto a computer, or sensitive company data is saved in an easily accessible file.
Rather than looking for an easy fix or avoiding new technology, it’s best to keep security top of mind for your company. Regularly go over security procedures with your staff, encrypt your data, and in case of a security breach, have a contingency plan in place.