Advanced persistent threats, malware sent via attachments, direct targeting of specific users through spear phishing techniques, vulnerabilities exploited to silently deliver malware and poor implementations of BYOD policies in the corporate environment – these are only a few of the numerous ways hackers will continue to use to target the enterprise environment in 2015.
This is the stark reality of today’s corporate landscape and thus, as we move ever further into the new year, Chief Security Officers must ensure that they are taking sufficient measures to guard against these sizeable threats. Reinforcing security by installing and updating legitimate software and, perhaps most importantly of all, training employees in good security practices are the first essential steps – especially in light of recent numbers. A US study carried out by Bitdefender found that almost 30% of BYOD users would share their personal mobile devices with friends or family members, even if they hold critical company data.
Security must meet the evolution of enterprise expectations
Businesses are now firmly aware of the dangers they face and beginning to take much-needed measures to protect themselves for the future, after a proliferation of data breaches in recent years. However, there are still concerns that need to be addressed.
Many SMBs in the UK have yet to upgrade from using Windows XP and older versions of Internet Explorer, despite the associated risks of both. While Windows 7 is currently offering “extended support” to users in the form of reassuring critical security patches, forward-thinking firms should be looking beyond this short-term solution towards robust, upgraded software that can deliver what the business needs for the future.
Another aspect to take into account is cloud migration. Cost savings, flexibility, decreased time to market, and dynamism are just some of the reasons that cloud migration is being swiftly accelerated in the UK. With adoption on the rise, it’s clear that cloud security solutions will have to follow suit to meet the evolution of enterprise expectations of the technology. Security continues to be one of the main issues hindering cloud migration, both during the migration process and once everything has been set-up.
Both of these processes cause security concerns that need to be counteracted – but of the two, the greatest security concern is probably with the migration process, which many non-technical enterprise leaders are likely to be skeptical about. For a smooth process, IT teams need to be effective at translating technical risks into the types of business risks that executives understand.
Staying one step ahead of the hackers
In the event of a cyber-attack, a natural disaster or human error, disaster recovery is unquestionably one of the best, yet hardest solution to manage successfully. As such, it is of course a far better approach to stay on guard and one step ahead of hackers, rather than being reactionary. Our internal research data recently revealed that some companies face 30 to 40 million malware attacks a month – so it would be reckless to leave a system packed with corporate “goodies” with no security.
In terms of counteracting, businesses should start by installing a dedicated enterprise security solution on all devices, including mobile phones used by employees at the office and at home as BYOD approaches become increasingly welcomed. The vast majority of security concerns can be swiftly counteracted, provided that companies work with the right IT experts, make an informed decision when choosing their cloud and anti-malware providers, and install certified security solutions.