From ransomware to credential theft, Charlotte businesses face all types of IT security challenges on a daily basis.
Some of these are the “old favorites” of hackers dressed up with the newest AI-powered algorithms, like targeted phishing email that automatically inserts a user’s name and company in the salutation.
Others are brand new threats that companies may not have seen before, such as password dumpers, a type of malware designed to go after databases full of login credentials.
Staying on top of business IT security is critical to preventing a costly data breach or malware infection. The costs in downtime, productivity and lost trust can often devastate a small company.
Over 80% of businesses have been impacted by a successful cybersecurity attack within the last year.
A big part of staying safe is keeping one step ahead of the bad guys. This is done by knowing what types of attacks are on the rise and ensuring you’re ready.
Our team has reviewed two of the top cybersecurity reports that act as a roadmap for what organizations need to be on alert for. These include:
- The 2020 Cyberthreat Defense Report by CyberEdge Group
- The 2020 Data Breach Investigations Report by Verizon
Both provide valuable insights on the top threats to your business cybersecurity. Each one also includes data from thousands of users across several countries and industries.
Biggest Cybersecurity Threats to Be on Alert For
Following, are some of the biggest issues noted in the 2020 cybersecurity reports when it comes to business data and network security.
We’ll include tips on how to protect against each one so you can help your company get ready for them.
Hackers are Hitting the Same Targets Multiple Times
You’ve just finished cleaning up after a ransomware attack, so you’re in the clear for a while now, right? Wrong! One of the major findings in the Cyberthreat Defense Report was that hackers have been hitting the same businesses over and over again.
35.7% of surveyed companies had been successfully hit with a cyberattack six or more times in the last year.
This means that if you don’t learn from a cyber incident and immediately make the needed adjustments to protect yourself, the hackers will be back again soon.
- Do regular security assessments to identify any weak spots
- Enlist the help of an IT professional to do a post-breach investigation to ensure any vulnerabilities are addressed
Compromised Credentials Are Becoming a Major Problem
There are a number of different statistics that show that the danger of stolen or hacked login credentials is rising. Here are two in particular that tell the story:
- 80% of hacking-related data breaches involve credential theft.
- The #1 malware used in data breaches is a password dumper
Hackers are drilling down into the treasure trove of user login credentials. Hacks using legitimate credentials are much harder to detect than those that break into your network using other means.
This is also a reason that insider threats are becoming more prevalent. Not being able to detect insider attacks (which are often done through stolen credentials) has jumped to the #1 concern among organizations. User security awareness is #2.
- Use multi-factor authentication with all logins
- Give users the minimum access privilege needed for their duties
- Monitor cloud app access using a Cloud Access Security Broker
Ransomware Attacks and Payments are Both on the Rise
Ransomware is a particularly disruptive and expensive form of malware. Because it can instantly impact all data in a network and make it unreadable, causing widespread downtime, companies will often pay the ransom just to get back up and running as fast as possible.
But those ransom payments only give attackers a reason to continue hitting more businesses.
In 2019, 62% of organizations were hit with ransomware and 58% of victims paid the ransom. The year before it was 56% that were hit and 45% that paid.
- Have a good backup and recovery system (and test it)
- Put anti-phishing safeguards in place
On-premises Assets are More at Risk than Cloud
If you needed one more reason to move to cloud solutions for business productivity and continuity, it’s data breach security.
Of 3,950 data breaches studied in the Verizon report, 70% of them involved on-premises assets, while just 24% of them involved cloud assets.
One reason for this may be that cloud vendors, such as Microsoft, put a lot of money into the security of their cloud services. If a company is handling their on-premises server security themselves, they may be leaving vulnerabilities unchecked.
- Move on-premises assets into a cloud server environment (like Azure)
- Review on-premises server security (firewalls, router security, etc.)
Get a Security Assessment from Rocky Knoll Technologies
Don’t leave your IT security to chance. Gain peace of mind and valuable security recommendations by having us do an IT security assessment for your business.
Contact us today to schedule your security assessment! Call 704.594.7292 or reach us online.