Be On Your “IT Security” Guard in 2020

Dennis Snider

529 Posts

379 views

0

It might be a new decade, but the threat of cyber-attack will carry over seamlessly. Below we list four of the biggest threats to your cybersecurity that you’ll have to guard against next year.

Phishing/Social Engineering: This is a common form of attack whereby the attacker cons their victim into believing that their email, website, or text is that of a legitimate company – often one like a bank that the victim is already dealing with – and so persuade them to give up confidential details allowing access to accounts etc. You should train your employees to recognize such attacks, minimize employee access to the system – only give each employee the access they need – and install anti-phishing software.

IoT-based attack: The Internet of Things, i.e., the network of smart devices used around homes and businesses, is expanding at an incredible rate; unfortunately, the security in many of these “things” leaves a lot to be desired. Hackers are learning how to use devices connected to the Internet to port their malware onto a system. You probably haven’t even thought of the connection between your Wi-Fi enabled lighting system and the laptop you do your home banking with, but once the malware is on the system, it can leap from one to the other. Carefully check all your devices, assess how secure they are, and make sure all their firmware is the latest version.

Ransomware: Ransomware attackers are increasingly focusing their attention on businesses as the targets most able and likely to pay a ransom. Ransomware attacks involve infecting a system with malware to encrypt all a user’s information, and then demanding a ransom to release it. The best way of defending against this sort of attack is to have firewalls and antivirus software that blocks the attacks before they can get on your system. In addition, have robust backup plans in place so that in the worst-case scenario you can disinfect your entire system and repopulate it with your backup data.

Internal attacks: Company employees are one of the biggest threats to cybersecurity, and sadly always will be. Disgruntled or criminal employees have the capability of creating havoc before they are detected; careless employees can also do a great deal of damage by not following procedures and allowing external attackers into the system without knowing it.

The best way of preventing an internal attack is to institute a “least privilege” system in your business, only allowing each employee access to the lowest level of resources consonant with carrying out their necessary tasks. This means that your exposure will be limited if a particular account is used for internal attack, and it will be easier to shut down once it has been identified.