Have you thought about your company’s digital security lately? Whether your business is large or small, you should always be thinking about how to ensure that your computer systems and sensitive data remain secure.
The real trouble comes when companies get complacent, believing their systems are sufficiently protected from any and all forms of cyberattack – be they malware, viruses, or data leaks. Security threats can sneak in through innocuous apps. An unexpected breach may come from the physical world, in the form of a jilted ex-employee. It’s always the right move to remain both vigilant, and up to date on the most recent cybersecurity threats – and how to keep your company as safe as possible.
To get a head start on your cybersecurity knowledge, take two minutes to quiz yourself on the threats that lurk in cyberspace and beyond. Already took the quiz? Stumped by some of the questions? Follow along with us here as we dive into some of the trickiest answers, and some statistics you might not expect.
What’s the Most Targeted Industry?
When you think about the motives for online criminals and hackers, it’s easy to assume that it comes down to one thing: money. Therefore, it’s a good guess that the finance industry attracts the most cyberattacks – it seems the most profitable. The retail industry could also be a solid target for data theft, offering plenty of material goods and monetary value.
The correct answer, however, is the healthcare industry. Although it might not seem hugely profitable for hackers, facilities such as hospitals and medical clinics are targeted for cyberattack more than any other institutions. IBM notes that healthcare information is a gold mine for criminals, because it can include personal information such as email addresses, credit card data, and social security numbers – on top of sensitive medical history.
Given that 2015 was known as “the year of the healthcare breach” (IBM reported that over 100 million healthcare records were compromised over the course of the year, with one million of those in the first six months), there’s no reason to suspect that this trend will slow down. While many business owners assume that cyberattacks will be aimed at financial targets, this false sense of security, unfortunately, makes it easy for healthcare companies to be lax on their security protocols.
New Malware Released Daily
Malware is defined as any sort of virus or “malicious software” that can invade your computer, or digital device – causing everything from direct breaches to general havoc in your systems. Oftentimes, malware is unintentionally installed, and it can run swiftly in the background, without anything seeming amiss. How many threats do you imagine are out there in the cyber-verse? A few hundred serious ones, perhaps? The average person only hears about the big ones when they make the news.
You might be astounded to know that over 1 million pieces of malware are released daily, according to a 2014 CNN Money report; and there’s no sign of malware is lessening. Black hat hackers are becoming more sophisticated, creating malware that’s even tougher to spot. In some cases, this comes down to IT departments that aren’t properly prepared; many of these pieces of malware enter computer systems through bugs that have existed unnoticed in the backend for years. It only takes one of these hidden glitches to let malware in.
As for malware on mobile apps, it depends on which device you’re using. A 2015 piece by Mashable claimed that anywhere from 39 to 350 iOS apps were infected with the XcodeGhost malware. Always be sure you’re downloading apps from a reputable source, and stay aware of any current malware threats that come up.
How Many Ex-Employees Really Steal Information?
Releasing an employee is hard enough already, but it’s a whole new mess when the person turns around and steals company information – and that’s reportedly the case for a whopping 85% of former employees. Imagine how many of your staff have usernames and passwords that allow them access to sensitive information, social media accounts, data storage, and more. Now, imagine what a disgruntled former employee could do, if they found out they still had that access after being fired or dismissed.
The most important step you can take immediately after releasing an employee – even on amicable grounds – is to revoke all access to anything on the company servers. Terminate the person’s accounts as soon as you can. In the event that you’re dismissing a member of your IT staff, have your current IT administrators change all the server passwords, as well.
Most Popular Avenues for Cyberattack
There are plenty of ways that cyber-criminals can gain access to your company’s sensitive information – but what’s the most popular route for hackers to get in? While most attacks occur due to negligence on the part of employees, there’s one far more insidious than the others: clicking on unauthorized links.
Most of your employees should know not to give out their passwords, but anyone can fall for a phishing scam link in an email – especially if it’s disguised to look genuine. Once an employee clicks on the seemingly-authentic link, the malware will install itself on the computer. It’s up to the company’s IT department to make sure corporate-device security protocols are up to date, and to regularly inform and educate staff on the most current threats.
For the year 2016, the projected number of cyberattacks is slated to rise. CNBC lists off tactics such as machine-to-machine attacks (due to the rise in device connectivity, thanks to the “Internet of Things”), jailbreaking the cloud, and even “ghostware” (which relies on blastware to cover its tracks once discovered, making it even more difficult for law enforcement to find what data was stolen). Ransomware – a type of malware that infects and steals valuable data, then demands that victims “pay up” to avoid the data being released to the public – is also set to go far beyond the Ashley Madison hack, according to IBM’s Security Intelligence blog. Expect criminals to look for even higher payouts, especially when it comes to big businesses.
Stay Aware and Alert
Even as security becomes stronger, criminals are finding more ways to adapt and exploit vulnerabilities; which is why it’s so important to stay on top of current threats. Whether that means strengthening your internal IT force, or hiring third-party experts to audit your systems, there are many measures you can take towards better security. Sometimes, all you need to start is a simple quiz to test your knowledge, to show you what gaps need to be filled in.