Security Is Complicated


So far in 2017, 67% of organizations reported an increase in security incidents. 57% said the rise in incidents is due to more attacks, and 73% believe the attacks could have been better identified or prevented. Over-complication of security can be an issue: 65% of organizations use anywhere from 6 to more than 50 different security products, sometimes with the false hope that layers upon layers of security will keep them safe.

26% of security professionals say they operate in reactive mode with ad hoc approaches to security operations and response. Many firms that have multiple security products also suffer from budget issues, system compatibility problems and a lack of skills.

  • 44% of security alerts are not investigated.
  • 54% of legitimate alerts are not remediated.

Obstacles for business organizations:

  • Budget: 35%
  • Compatibility Issues: 28%
  • Lack of trained personnel: 25%
  • Certification requirements: 25%

Traditional concerns remain, while new threats continue to grow:

  • Large scale industrial IoT hacks will increase dramatically in 2018.
  • Ransomware attacks are up 250% in the first half of 2017 at 218,625 incidents compared with 61,832 in all of 2016.
  • Adware infected 75% of organizations.
  • 65% of email is spam, 8% of spam is malicious.

In 61% of organizations, 30% of their systems were impacted during a security breach.  These systems were down from 1 to 8 hours for 65% of those organizations.  The next 12-18 months will be a critical time for organizations to fill their security holes or risk becoming a victim of cybercrime that is likely to cause significant damage to the profitability of their company.  Businesses need to start thinking about protecting their digital assets even more securely than they protect their physical assets.  The time is now to realize that the lock on their front door is no longer their most important security feature.

Actions to Take in Response to WannaCry Malware...

Since the perpetrators of the “WannaCry” cyberattack have not yet been caught, experts warn that there could be a second wave coming. To protect your systems, here are some immediate actions to take:

1. Install all Microsoft security patches. 
For those of you who rely on employees to update their own systems, this would be a good time to verify compliance. This malware (or any other malware for that matter) can sneak into your network as soon as one of these infected systems connects. Once there, it can spread to other unprotected systems and devices.


2. Back up critical data to an unconnected device.
This ensures that even if your systems are unresponsive, you will have data to reload once the problem is addressed. However, it’s important that you disconnect your backups from the network to prevent the spread of the malware to your backup systems.


3. Deploy antimalware and malware signatures associated with this threat. 
These can be found on the Department of Homeland Security website. TierPoint is available to help our clients if needed.


4. Refresh your counter-phishing policies and training. 
The current speculation is that the malware was introduced via phishing emails. If there is a second wave, it will most likely take the same route. Make sure all employees are trained to recognize suspicious emails, know how to (not) respond to them, and have a method for reporting them to your security administrators.


5. Create a ransomware response plan.
If you are hit with a ransomware attack and are unprepared, there are a number of immediate decisions you will need to make including whether or not to pay the ransom (most experts say no), how to interact with law enforcement, and what information to release to the public. We highly recommend working with a law firm experienced in creating such plans to ensure all your bases are covered.

Republished from an article 5/17/17 by Paul Mazzucco, Chief Security Officer who is responsible for all TierPoint corporate security standards.

To find out more about increasing your network security, contact me at Steve@TopSpeedData.com – or visit us at our NEW WEBSITE – www.TopSpeedData.com