Accessability Links
Job Search

The top 10 cyber security challenges for businesses

14 Mar 17 - 1:02PM  | Information Security
The top 10 cyber security challenges for...Cyber security is becoming an increasingly important issue for businesses worldwide, with the financial and reputational cost of data breaches creating significant headaches for unprepared boards. 

While technology is helping organisations to optimise their operations through various innovative means, the number of cyber security threats that companies must tackle has grown. 

But what risks do cyber security experts face in 2017? Here is a list of some of the key problems that organisations must consider as we head deeper into the year. 

1. Ransomware 

We've covered the danger of ransomware in our blog before, and the recent McAfee Labs 2017 Threats Predictions report said this form of malware will remain a problem for businesses well into the second half of this year. 

Ransomware typically prevents users from accessing important information and data on their computers or networks until a payment is made. However, cyber criminals don't always free up devices once the ransom is met and often try to extort more money out of their victims. 

2. Distributed denial of service (DDoS) attacks

DDoS attacks have crippled multiple big names over the past few years, including the BBC, cloud-based internet performance management firm Dyn, and presidential hopeful Donald Trump's election campaign website. 

"DDoS attacks will not only scale up this year to a terabit per second in some instances, but also increase in frequency to a total of 10 million attacks," said Phill Everson, UK head of cyber risk services at Deloitte.

"The volume and scale of such breaches would challenge the defences of organisations, regardless of size."

3. Hacktivism 

Not all cyber criminals are profit-oriented, and the rise of hacktivism means a growing number of people are breaking into computer systems for politically or socially charged reasons. 

These attacks can be even more damaging than traditional threats because hacktivists are often trying to make a statement, so their efforts are usually very publicly damaging for an organisation's reputation. 

There are also significant safety concerns if hacktivists can override safety mechanisms or publish documents that pose national security risks.  

4. The Internet of Things (IoT) 

McAfee estimates there will be approximately 1.8 billion connected devices in consumer hands by 2019. Hacking into such systems will become more common over the coming years, with ransomware and hacktivism thought to be key problem areas. 

There is also a significant privacy threat, as smart devices typically contain a considerable amount of sensitive information that cyber criminals could access. According to McAfee, some products sold this year may already have backdoors installed that criminals can leverage. 

5. Dronejacking 

Organisations and consumers are using drones in new and exciting ways, and cyber criminals are likely to take advantage of this growing popularity by hacking into the technology. 

The McAfee report said experts have already shown how easy it is to take over a toy drone, land it on the roof of a home or business and hack into local wireless networks. 

6. Social engineering 

As cyber security technology and preventative measures become more complex, criminals will turn to social engineering in an effort to bypass such systems. 

This involves manipulating or deceiving key individuals into divulging important data or financial information, such as through phishing techniques. 

Figures from the Anti-Phishing Working Group revealed phishing attacks surged 65 per cent in 2016 when compared with the previous year. 

7. Insider threats 

Businesses don't just face external threats; there is a significant chance of cyber security issues arising internally. In fact, the IBM 2016 Cyber Security Intelligence Index found that 60 per cent of data breaches in the preceding year were due to insider threats. 

Of these, more than two-thirds were people with malicious intent, while the remaining incidents were due to 'inadvertent actors'. The latter refers to innocent individuals who accidentally allowed attackers access to information, or who failed to follow security measures. 

8. Machine learning 

Machine learning algorithms are helping businesses perform complicated data analysis tasks on huge quantities of data at phenomenal speeds with minimal manual input. 

The technology is used to detect fraud, predict the success of marketing campaigns and automate consumer product suggestions, as well as numerous other innovative applications. 

However, McAfee predicts machine learning will be leveraged to commit crimes, such as aiding fraudsters in identifying high-value targets among large datasets. 

9. Mobile malware

As a growing number of people use mobile devices to perform everyday business tasks, the likelihood that cyber criminals will attempt to exploit weaknesses in the technology rises. 

Kaspersky Lab recently revealed that mobile malware attacks tripled between 2015 and 2016, with the firm identifying 8.5 million malicious installations. The organisation also found that instances of both mobile banking Trojans and mobile ransomware increased by a rate of 1.6 times over a 12-month period. 

10. Fake ads and feedback

Consumers are frequently bombarded with advertisements online, and the proliferation of fake ads and phishing attacks have eroded trust in net-based marketing collateral. 

Meanwhile, purchased 'likes' and other forms of fabricated feedback are exacerbating the problem, leaving customers sceptical of the validity of various online advertising methods. 

Even businesses that are not involved in such activities may find fake ads and other nefarious marketing tactics are affecting their legitimate campaigns. 

Boosting cyber security preparedness

This top ten list highlights some of the key cyber security risks that businesses are facing now and will continue to see in the future.  

Keeping ahead of sophisticated cyber criminals requires a mixture of the right systems and software, the best security professionals and boardroom buy-in for cyber security measures.

Given the pace of technology evolution, organisations must work hard to stay ahead of resourceful cyber criminals who are looking to exploit the vulnerabilities in core business systems. 

Our 2017 Market Report combines our review of the prevailing conditions in the security & resilience recruitment market together with the results of our latest employer survey.

Image: Kirill_Savenko via iStockADNFCR-1684-ID-801833525-ADNFCR
Related headlines
Top 10 worrying stats about ransomware in 2017
Top 10 worrying stats about ransomware in 2017
20-10-2017 Ransomware has emerged as one of the hottest topics in cyber security circles in 2017, after organisations worldwide wer...
Yahoo admits 2013 breach hit all 3 billion users
Yahoo admits 2013 breach hit all 3 billion users
06-10-2017 Last year, Yahoo revealed that approximately 500,000 user accounts had been hacked in late 2014, exposing names, email a...
The 5 stages of cyber security maturity (according to KPMG and BT)
The 5 stages of cyber security maturity (according to KPMG and BT)
22-09-2017 You have probably heard of the five stages of grief. It's a concept that's regularly relied upon in TV and films to show...


Search More News
Open the calendar popup.
Open the calendar popup.

News Archive
October, 2017 (7)
September, 2017 (9)
August, 2017 (8)
July, 2017 (7)
June, 2017 (5)
May, 2017 (8)
April, 2017 (6)
March, 2017 (8)
February, 2017 (8)
January, 2017 (5)
December, 2016 (4)
November, 2016 (5)
October, 2016 (5)
September, 2016 (5)
August, 2016 (4)
July, 2016 (5)
June, 2016 (5)
May, 2016 (3)
April, 2016 (5)
March, 2016 (4)
February, 2016 (9)
January, 2016 (7)
December, 2015 (8)
November, 2015 (5)
October, 2015 (5)
September, 2015 (5)
August, 2015 (1)
July, 2015 (4)
June, 2015 (7)
May, 2015 (7)
April, 2015 (7)
March, 2015 (10)
February, 2015 (11)
January, 2015 (2)
December, 2014 (21)
November, 2014 (25)
October, 2014 (23)
September, 2014 (25)
August, 2014 (20)
July, 2014 (23)
June, 2014 (33)
May, 2014 (34)
April, 2014 (34)
March, 2014 (34)
February, 2014 (34)
January, 2014 (36)
December, 2013 (33)
November, 2013 (34)
October, 2013 (34)
September, 2013 (34)
August, 2013 (34)
July, 2013 (33)
June, 2013 (34)
May, 2013 (30)
April, 2013 (37)
March, 2013 (38)
February, 2013 (30)
January, 2013 (34)
December, 2012 (28)
November, 2012 (37)
October, 2012 (15)
March, 2012 (31)
February, 2012 (25)
February, 2011 (59)
January, 2011 (58)
December, 2010 (61)
November, 2010 (40)
October, 2010 (40)
September, 2010 (59)
August, 2010 (39)
July, 2010 (40)
June, 2010 (38)
May, 2010 (38)
April, 2010 (38)
March, 2010 (38)
February, 2010 (40)
January, 2010 (41)
December, 2009 (40)
November, 2009 (39)
October, 2009 (42)
September, 2009 (37)
August, 2009 (38)
July, 2009 (39)
June, 2009 (41)
May, 2009 (37)
April, 2009 (40)
March, 2009 (51)
February, 2009 (50)
January, 2009 (48)
December, 2008 (50)
November, 2008 (54)
October, 2008 (50)
September, 2008 (58)
August, 2008 (60)
July, 2008 (15)
 
Alex JozsaIT Audit
London
Andrew WhyteManager, Interim Solutions, Internal Audit
London
Daniel ClosePresident
New York
David HornsbyDirector, Banking & FS Internal Audit
London
David JarroldRegional Internal Audit, Risk & Control
London
Gabriel MooreConsultant
London
Gareth CarpenterRegional Director – Americas
New York
Hannah RussellAudit
London
Irma BoulderstoneBanking & FS Internal Audit
London
Russell BunkerAudit, Info Security & Technology Risk
Singapore
Steven DriverInternal Audit, Risk & Control
London
Tim SandwellDirector, Europe & Middle East
London
Vickie ChanAssociate – Internal Audit
New York
William WilcoxVice President
New York