Insider threats are nothing to joke about -- they are a real danger to companies worldwide, who often neglect them. In fact, they rank among the top six threats of 2018, according to statistics. A company will spend at least $8 million yearly on insider threats, the Ponemon Institute has found.
All about Virtualization and Cloud Security | Recent Articles:
As many as 93 percent of companies in the Forbes Global 2000 list don’t include a vulnerability disclosure policy among top business concerns, according to HackerOne’s The Hacker-Powered Security Report 2018, a deep dive into bug bounty and vulnerability disclosure in the financial services and insurance industries.
Cybercriminals have unwittingly created an impressive, and legal, money-making opportunity – cyber insurance. The cyber insurance market is about to become huge, as experts believe companies will double their spending by 2020 to some 8 billion – 9 billion dollars compared to last year’s average of 3.4 –billion 4 billion, Munich Re, the world’s leading German reinsurance company, recently announced.
Cyberattacks are on the rise, with the most significant malicious activity so far detected in the finance, professional and information sectors, followed by manufacturing, according to Rapid7. Despite the increasing number of data breaches in critical sectors, there are discrepancies in how C-level executives perceive cybersecurity and the threat landscape, depending on their industry and home country.
Many companies have based their business models on collecting facts and statistics from their customers, accumulating big data which they analyze to improve not only customer experience, but also marketing, sales and product strategies. Or so they claim. The popularity of social media and digital operations have made it easier for businesses to gather reams of personal information, including emails, browsing history, habits, location, political beliefs and pretty much any other behavioral detail.
Critical national infrastructures such as the energy sector, public transportation, commercial facilities, government and defense, and medical services, among others, have been under attack in recent years, following a large volume of security vulnerabilities and a lack of encryption.
Enterprises are at risk now more than ever because it seems they keep falling behind on infrastructure security, while hackers are more vigilant and sophisticated in their schemes. Researchers can’t really put their finger on what it is exactly that causes more damage –insider threats, targeted attacks or plain old outdated software, but one thing is certain: by 2023, more than 146 billion records will be leaked following security breaches, according to Juniper Research.
Data breaches not only cost companies millions, but they also inflict reputational damage, customer turnover and operational costs. The average cost of a data breach has risen 6.4% to a global average of $3.86 million this year, according to research from the Ponemon Institute.
With speech recognition and voice-activated personal assistants slowly making their move into the corporate world, companies will have to adjust their security and digital strategies, infrastructure and customer interactions.
The topic of cybersecurity is rapidly moving up the agenda of CIOs.
It’s common knowledge that cyberattacks will escalate, so upper management has to develop an understanding of the threat landscape, the different types of attacks and what it all involves. Right now, the Trump administration is working on an executive order to clearly establish the duties of agency chief information officers.
2018 appears to be the year of regulatory compliance, threatening to hinder all IT initiatives and projects. Whether it’s The Payment Card Industry Data Security Standard (PCI DSS), the banking sector’s PSD2 (Revised Payment Service Directive), NIST for federal agencies or the EU’s boogey-man - Global Data Protection Regulation (GDPR), organizations worldwide are struggling to meet all industry-specific guidelines and recommendations to avoid substantial fines following an incident.