Security was a leading topic throughout 2017 across all industries, and has already dominated headlines in 2018 as well. Ransomware, a malicious form of malware designed to block access to computer systems pending a “ransom” payment, was the dominant cyber threat in 2017. According to Cybersecurity Ventures, a business falls victim to a ransomware attack every 40 seconds, and they predict that number will rise to every 14 seconds by 2019.
Cisco’s threat research shows that 50% of global we traffic was encrypted as of October 2017. While to web traffic encryption is designed to enhance security, it does reduce visibility. Adversaries are using this encryption as a tool to conceal command-and-control activity, which buys them more time to operate and inflict damage. More enterprises are turning to machine learning and artificial intelligence to help detect unusual patterns in large volumes of encrypted web traffic.
The top security challenges organizations can anticipate facing in 2018 include:
Adversaries are evolving their techniques at a faster pace than defenders are implementing security strategies. They are weaponizing their exploits and evasion strategies to launch attacks at increasing magnitudes. Defenders preparation and ability to recover quickly depends largely on the steps they are taking to strengthen their security posture.
According to Cisco’s 2018 Security Capabilities Benchmark Study more than 53% of all cyber attacks resulted in financial damages of $500,000 or more. The areas organizations are finding most challenging to defend area mobile devices, user behavior and public cloud data.
Adhering to common best security practices and implementing strategic security improvements can reduce companies’ exposure to developing cybersecurity risks and can provide better visibility into the emerging threat landscape. To better your security posture you should implement first-line-of-defense tools, adopt next-generation monitoring tools, perform consistent reviews, analytics, and data back-up. With malware hiding in encrypted web traffic and it’s also important to adopt advanced security technologies that will prevent and detect the use of encryption for concealing malicious activity.