Vortex of Change: Navigating the ever-changing security minefield
In Part Four of our series focusing on the Vortex of Change, we look at why data breaches are on the rise and what can be done to mitigate them.
The security landscape has been flipped on its head in the last five years. While the collection and processing of data has allowed businesses to transform themselves through Big Data analytics, the storing of sensitive information in the cloud has made it a viable target for hackers.
The cybercrime industry is flourishing thanks to anonymous tools such as Tor, which mask online activities. Estimates suggest that online crime currently costs the global economy $400 billion a year1. According to Symantec, on average nearly one million new threats are released per day2.
Not only are data breaches becoming more common, their effects on businesses are increasingly harmful. There have been a number of high-profile hacks over the course of the last 18 months, resulting in reputational damage and tens of millions of pounds needing to be spent on investigations and remediation. Security remains at the top of the agenda for CIOs across the world as hackers continue to infiltrate networks, stealing whatever they can with many cybercriminals moving on from credit card fraud to confidential emails, financial and medical records, online identities and even log-in details for popular online services such as HBO Go.
To understand the rise in data breaches and how to deal with them, it’s important that businesses are aware of the causes. The State of Cybersecurity Report3 by the Association of Corporate Counsel surveyed 887 law firms in 30 countries and provides a useful insight into the major ways data breaches occur:
With an influx of smart devices onto the market, security challenges are only going to grow in the future. The Intel Security Group predicts 200 billion devices will be connected to the Internet by 2020. According to McAfee Labs 2016 Threats and Predictions report4, the race between companies to rush out products and lead the connected wearables, cars and home markets will create numerous vulnerabilities, which will be ripe for exploitation.
McAfee outlined a variety of scenarios; in the near-future, spear phishers could potentially get hold of GPS data via a running app that is connected to an unsecured fitness tracker. If you stop at a coffee shop after a run, an attacker could send you an email later in the day saying “I think you dropped this at the coffee shop this morning” and include a link to an infected image file. During the next five years, connected home networks could also become a gateway to hack into people’s lives or into their employer’s resources and even connected cars represent a security risk, the report suggested.
So what are the steps a firm can take to improve security? To help cut down on employee errors, we’re already seeing businesses tighten up BYOD policies. A CompTIA Information Technology Association survey5 of 375 IT professionals in the US revealed 53 percent of private companies have banned employees from using their own devices to help increase security. But a blanket ban on BYOD policies will not fix the issues.
Jim Henrys, Principal Strategist at Intel, outlined a three-pronged strategy to increase the security backbone of a company by focusing on culture, architecture and insights. “Instead of always thinking employees are the weakest security link, they can be turned into a form of defence by the implementation of a strong culture. Companies need to authorise mandatory security training, education and encourage integrity, straight talking, and the following of protocols,” he says.
“From an architecture perspective, security needs to be built into the DNA of enterprise systems, not added as an afterthought. Thirdly – companies need to use advanced analytics and heuristics to automate processing of alerts for advanced threat detection. It’s not uncommon for a large company to get millions of alerts on a daily basis.”
Intel’s approach to security is to provide piece of mind by integrating security from the chip through to the cloud. This provides improved protection at the lowest level below the OS and helps ensure that processing starts more securely, runs more securely and stays more secure.
“For example, with regards to our Business Client platform, built-in protection focuses on many areas from anti-malware (Intel OS Guard + McAfee DeepSAFE) through to resiliency thanks to our vPro™ technology. The launch of 6th Gen Intel Core products is focused on protecting identity theft with solutions such as Intel Authenticate. This hardware-enhanced multi-factor verification technology allows IT administrators to request up to three methods of authentication before someone is granted access to enterprise data. Employees can be requested to input something they know like a password, then use something they have like their smartphone and finally use biometrics such as a fingerprint or iris scan. For small businesses, which do not have the benefit of having a dedicated IT department, we have Intel Small Business Advantage which will automate identity and data protection by automatically updating software and backing up data. We are also moving towards developing dynamic security profiles for users, which automatically configure protection levels depending on the devices and network connections being used,” he concluded.
Stay tuned for more in our series of articles about the Vortex of Change.
FOR MORE INFORMATION:
In Part One of a series of features examining the changing global business landscape, Intel highlights a new wave of global innovation and outlines how businesses need to adapt to meet its demands.
In Part Two of our series focusing on the Vortex of Change, we examine the real-world business value of analytics with examples from Ford and Netflix.
In Part Three of our series focusing on the Vortex of Change, we investigate how businesses can leverage the power of the smart connected world.
Business benefits include improved security, wireless collaboration, faster performance and all-day battery life.