Menu
Volkswagen XL Sport Concept Car Stuns at Paris Motor Show

Volkswagen XL Sport Concept Car Stuns at Paris Motor Show

Mila Kunis and Ashton Kutcher Welcome Baby

Mila Kunis and Ashton Kutcher Welcome Baby

William Shatner and Leonard Nemoy to Star in New Volkswagen e-Golf Commercial

William Shatner and Leonard Nemoy to Star in New Volkswagen e-Golf Commercial

iPhone 6c is possible as iPhone 5c Sales Surge

iPhone 6c is possible as iPhone 5c Sales Surge

Jeff Goldblum Stars in funny GE Link Ad

Jeff Goldblum Stars in funny GE Link Ad

The Year Ahead In Cyber Security: What You Need To Know

Dec 22 2013, 9:41am CST | by , in News

The Year Ahead In Cyber Security: What You Need To Know
Photo Credit: Forbes
 
 
Full Story

The Year Ahead In Cyber Security: What You Need To Know

2013 was a watershed year for cyber security and digital secret-keeping. Revelations about the way our data is treated once it leaves our browsers and mobile devices, the actions of hacker collectives, the dismantling of the ostensibly bullet-proof Silk Road online marketplace, White Card scams, Megaupload’s reincarnation as Mega…

But what does the average business need to know about keeping others locked out of private affairs or business dealings?

Eric Friedbergformer computer and telecommunications coordinator for the U.S. attorney’s office of New York and co-founder of security consultant, Stroz-Friedbergsays the need for security is not in question, what’s worth thinking about is building your digital barriers in the most efficient manner possible. “For small to medium companies the challenge is normally budget.”

Companies on a budget need to focus on the most sensitive areas and place priority on protecting them. To that end it’s best not to skimp. “We’ve seen many a midsize company come close to extinction because a major attack happens,” says Friedberg. “After the fact they put lots of security in and you can be sure that in retrospect they wished they’d committed the budget that they didn’t think that they had before the attack.”

Small and midsize firms may wonder why hackers and cyberthieves would be interested in breaking into their systems but, according to Friedberg, one company’s money is just as green as the next’s, regardless of size. “If you have a small credit card processing firm, for example, the fact that it only has a million credit cards as opposed to 100 million—hackers are happy with a million credit card numbers.”

So what can you do to protect yourself? The first step, apparently, has nothing to do with security software at all. “We find that before you get to the technological vulnerabilities, the thing that makes companies weak is the lack of a good governance structure,” says Friedberg. “Governance structure meaning owning the cyber security problem at the very top of the organization; making budget and architecture and cultural decisions as a leadership group and then also having the proper balances and controls such as having a CISO (chief information security officer) as an independent voice to assess risks separate from the CTO function.”

Taking those kinds of steps saves a company CTO from feeling pressure to cut costs by downgrading the security system. “They don’t want to air problems that they have for fear of that reflecting badly on them,” said Friedberg. “They don’t commission really vigorous third party ethical hacking and penetration testing. I can’t tell you how many companies we go to where they just go get a cookie-cutter penetration test just to say that they did it and it sheds no light on their real vulnerabilities.”

The philosophy to adopt is one that assumes your company’s digital walls will be compromised at some point. To that end, a firm’s security system should include intruder detection and network segmentation that protects the most valuable data in a more fortified part of the network.

Hacking generally comes in four forms: state sponsored espionage, organized crime for financial gain, the insider threat and politically motivated hacktivists. In 2014, Friedberg does not see state-sponsored actions abating at all. Russian and Eastern European organized crime groups will continue to compromise banking and business security through Trojan Horse penetration programs. “It’s a cat and mouse game and these attackers are very smart, savvy and creative.”

Hacktivism may see a drop due to advances in the effectiveness of law enforcement, but the middle east could see an uptick due to political turbulence in the region. “We’ve seen increased activity every time one of those things flairs up,” says Friedberg. Insider threats are harder to gauge. “If anything it probably increases when the economy constricts because there are more layoffs and more disgruntlement and more destructive activity by insiders.”

Follow me on Twitter @KarstenStrauss 

Recent Cyber Attacks

Source: Forbes

Updates

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Volkswagen XL Sport Concept Car Stuns at Paris Motor Show
Volkswagen XL Sport Concept Car Stuns at Paris Motor Show
VW just dropped a huge bomb with the reveal of the Volkswagen XL Sport Concept Car. It looks like an awesome sportscar, but only runs on a 2-cylinder engine.
 
 
Pau Gasol Gives Credit to Joakim Noah for Joining Chicago Bulls
Pau Gasol Gives Credit to Joakim Noah for Joining Chicago Bulls
New Chicago Bulls center Paul Gasol gives credit to Joakim Noah for becoming a new member of the team.
 
 
Kirk Cousins Needs Improvement on 3rd Down Situations
Kirk Cousins Needs Improvement on 3rd Down Situations
Washington Redskins quarterback Kirk Cousins, who threw four interceptions in the 45-14 loss to the New York Giants on Sept. 25, must improve on third down situations. According to CSN Washington, his passer rating of 44.4 on third down is the worst among starting NFL quarterbacks this season.
 
 
Steve Smith on Release From Carolina Panthers: 'It Was Personal'
Steve Smith on Release From Carolina Panthers: 'It Was Personal'
Baltimore Ravens wide receiver Steve Smith opened up about his release from the Carolina Panthers on Charlotte radio station WFNZ on Oct. 1. Smith said, "It was personal" and felt he "was stabbed in the back."