As CSOs head into 2018, many are wondering what the next big attack will look like and how it will affect their businesses. At the same time, heightened scrutiny of data practices has these executives laser-focused on how they store and protect vital customer information.
With new legislation coming into play in 2018 and the constant onslaught of ever-changing threats, it can be hard to determine where one should concentrate cyber efforts.
If the biggest threats of 2017 taught us anything, it is that investing in multiple technologies alone isn’t enough; enterprises can strengthen their proactive security efforts by improving cybersecurity training. In 2018, it will be critical to educate cyber staff, the first line of defense, on the current data privacy legislation to ensure sensitive data doesn’t fall into the wrong hands, and to avoid costly fines.
Also, training cyber professionals on defensive and offensive cyber-attack strategies will ensure they can more quickly and efficiently identify and mitigate emerging threats. Finally, fake news as a key attack vector should not be underestimated, and CSOs should ensure their cyber teams understand this threat and how to identify it. Focusing on these three priorities will give cyber teams an edge during the coming year.
Privacy Takes Center Stage in 2018
Top of mind for many CSOs is the European Union General Data Protection Regulation (GDPR), which goes into effect May 25, 2018, requiring tighter consumer data protection. So, what does GDPR mean for cyber teams? A few things, but perhaps most important, it will be essential for cyber teams to fully understand how much and what kind of personal data related to EU users/customers is stored or shared, where it lies and who has access.
Changes to business processes and incident response procedures for many will be extensive, requiring substantial training to ensure compliance. CSOs will be best served by implementing small group training sessions where cyber teams run through an overview of data collection, including the prioritization of data. Empowering cyber teams with knowledge and business context is the best way to ensure individuals are prepared to make smart choices quickly when facing a cyber incident.
Finally, because GDPR requires enterprises interfacing with this data to adopt “privacy by design” as standard practice, the cyber team can expect to take a wider role in the development of new products, services and applications. Their expertise will be called upon as privacy protections are required even in the early development stages.
Learn to Fight Botnets Like a Cyber-Criminal
The ability of botnets to accelerate the damage of DDoS attacks, ransomware and click fraud can’t be overstated. In November, the Necurs botnet was resurrected, and within six hours Scarab ransomware was delivered to 12.5 million email addresses. This is just the latest example of a threat that will become even more pervasive with the anticipated onslaught of IoT devices entering the marketplace, a number Gartner predicts will increase to more than 11 billion.
Educating cyber teams on how to properly monitor network traffic and flag any suspicious activity is essential. Signs of a botnet attack might include several machines on a network making identical DNS requests, high outgoing SMTP traffic (from the “user” sending lots of spam messages) and unanticipated popups (a sign of click fraud activity). Once cyber teams know the signs and how to identify the threat, they can begin learning how to fight it – defensively and offensively.
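The first two signs described above can be checked mechanically against DNS and connection logs. The following Python is an added example, not part of the original article; the log format, addresses, domain names, thresholds and allowlists are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample logs (not real traffic), one "timestamp host value" per line.
DNS_LOG = """\
2018-01-08T09:00:01 10.0.0.11 www.example.com
2018-01-08T09:00:02 10.0.0.12 xk2qv9.example.net
2018-01-08T09:00:03 10.0.0.13 xk2qv9.example.net
2018-01-08T09:00:04 10.0.0.12 www.example.com
2018-01-08T09:00:05 10.0.0.14 xk2qv9.example.net
2018-01-08T09:00:09 10.0.0.13 www.example.com
2018-01-08T09:20:00 10.0.0.15 xk2qv9.example.net"""
SMTP_LOG = "\n".join(  # value = destination port of an outbound connection
    [f"2018-01-08T09:01:{i:02d} 10.0.0.12 25" for i in range(40)]
    + [f"2018-01-08T09:02:{i:02d} 10.0.0.5 25" for i in range(50)]
    + ["2018-01-08T09:03:00 10.0.0.11 25"])

def parse(log):
    for line in log.strip().splitlines():
        ts, host, value = line.split()
        yield datetime.fromisoformat(ts), host, value

def shared_dns_lookups(events, window=timedelta(minutes=5), min_hosts=3, allow=()):
    """Domains looked up by >= min_hosts distinct hosts within one time window."""
    by_domain = defaultdict(list)
    for ts, host, domain in sorted(events):
        if domain not in allow:  # popular legitimate names would otherwise flood the result
            by_domain[domain].append((ts, host))
    flagged = {}
    for domain, hits in by_domain.items():
        for i, (start, _) in enumerate(hits):
            hosts = {h for t, h in hits[i:] if t - start <= window}
            if len(hosts) >= min_hosts:
                flagged[domain] = sorted(hosts)
                break
    return flagged

def smtp_talkers(events, max_conns=20, relays=()):
    """Hosts that are not known mail relays yet open many outbound port-25 connections."""
    counts = Counter(h for _, h, port in events if port == "25" and h not in relays)
    return {h: n for h, n in counts.items() if n > max_conns}

def report():
    dns = shared_dns_lookups(parse(DNS_LOG), allow={"www.example.com"})
    smtp = smtp_talkers(parse(SMTP_LOG), relays={"10.0.0.5"})
    both = sorted({h for hs in dns.values() for h in hs} & set(smtp))
    return dns, smtp, both  # hosts in `both` show two of the signs at once
```

Calling `report()` returns the flagged domains, the heavy SMTP senders and the hosts that appear in both. Without the allowlist and relay list, the widely used domain and the legitimate mail relay are flagged as well, which is why a baseline of normal traffic has to come first.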
In virtual environments, organizations can replicate their enterprise networks, allowing cybersecurity teams to practice defending against simulated threats with real-world tools and tactics before meeting them in the real world.