With the average cost of a data-breach rising year on year, (with some estimates being close to $4million) it underscores the importance of why cyber security needs to be taken seriously. Cyber-security itself evolves over time meaning businesses need to remain updated on the latest trends and legal requirements such as those of the GDPR and CCPA.
The following are five cyber-security related trends that have been dominating the industry this year:
1. Phishing Attacks:
According to the recent Data Breach Investigation Report by Verizon, 32% of confirmed data breaches were due to phishing attacks. The attacks aim to obtain sensitive information such as usernames, passwords, social security numbers and credit card details, by duping victims into thinking they are communicating with is a trusted entity, either by email or text, and increasingly by telephone, a newer form of voice phishing, known as ‘vishing’.
2. IoT Ransomware
The Internet of Things is made up of multiple devices connected to a network, i.e. home appliances and services sensors. While these climate controllers and refrigerators do not often contain any sensitive data themselves, they can be held hostage and are potential targets for hackers to access information in back-end systems such as those of power grid and communication facilities. Should a hacker demand a ransom that is not paid, they can shut down the system a victim is on, and on a wider scale businesses and critical infrastructure could be impacted.
3. Increased Data Privacy Regulation:
In May 2018 Europe’s General Data Protection Regulation (GDPR) was launched, giving European citizens greater rights to data privacy and making companies who collect sensitive information abide by stricter consent laws globally or face significant financial penalties for non-compliance. In America, individual States are introducing their own versions of the GDPR, with the California Consumer Privacy Act (CCPA) bill likely to have a big impact when it comes into effect in January of 2020.
4. Cyber Attacks on Mobile Devices:
Recent research from RSA found that in 2018 “80% of fraudulent transactions originated in the mobile channel,” with fraud from mobile apps has increased exponentially since 2015. As mobile devices increasingly touch every aspect of our personal and professional lives, the risk exposure they represent also becomes greater.
5. Increased investment in automation
Automation technology has gained a foothold within organizations by allowing understaffed cyber-security teams to focus on more complex problems instead of carrying repetitive and sometimes mundane work.
According to a recent survey from the Ponemon Institute, 79% of respondents use security automation tools and platforms within their company, and 50% plan to use security automation within the next six months to three years. This shift towards automation will improve efficiency but skills and knowledge are still essential to reducing cybersecurity risk.
In all these cases a data-first approach to security offers a last line of defense against cyber attacks such as data fraud and theft, and the profound impact they can have on an organization. Find out how Protegrity can help organisations liberate sensitive information by protecting the data itself, in our eBook: Privacy By Design: Balancing Defence In Depth With Advanced Analytics.