Since the release of SonicWall Capture Advanced Threat Protection (Capture ATP) in August 2016 on SonicWall firewalls, we have seen a lot of unique behavior from authors of malicious code, namely ransomware. Up until Christmas 2016, Locky received a lot of attention from security firms but then took a backseat during the holiday season.
Ransomware has forced organizations to rethink their security architecture. Organizations are increasingly investing in security solutions that provide additional protection of sensitive data, as well as better visibility over network traffic and endpoint activity. According to IDC research, 60% of organizations surveyed indicated that modern endpoint and network security products such as network sandboxes were either a high priority or an extremely high priority over the next 12 months.
Last week I was at one of our sales offices in Utah. I heard an interesting story about how a dentist office called in to ask for threat prevention against ransomware. The dentist office had been affected by ransomware twice in a short period of time. Twice, they paid the ransom to ensure business continuity and customer retention.
The data is still coming in, but it’s looking like consumer spending this holiday season will once again outperform previous years. Multiple research firms including the National Retail Federation (NRF) are predicting a growth in sales over the same period in 2015. Credit card vendor Mastercard is forecasting a 19% increase in online sales over the holidays.
In most organizations, the same issue is being felt – how can network security be increased without lowering performance within a budget? How much risk is acceptable? If your organization is not facing this issue, you should be looking at the growth of encrypted web traffic (https) and cloud computing and how your current firewall maintains performance and/or efficacy in this new environment.
Designed to strengthen protection of personal information for all EU citizens, the General Data Protection Regulation – GDPR – goes into effect in May 2018 and may affect companies of all sizes, in all regions, and in all industries, who holds EU citizen personal information. Those who will be victim of a data breach when the GDPR goes into effect risk significant fine (up to Euros 20millions or 4% of their global revenues), and loss of reputation, that could bring the business to its knees.
Preventing your organization from being the victim of an inevitable cyber-attack is paramount so it is important for us to kick off this blog with an important risk question.
Do you know whether or not your organization‘s firewall is inspecting HTTPS traffic traversing its networks?
I have polled this question on numerous webinars I have conducted over the past year.
There’s no question companies are being more proactive in their network security approach than ever before. We’ve made substantial gains as an industry, in terms of cybersecurity education and adoption rates across businesses of all sizes. But when major technology companies with multi-layered security programs are still falling victim to breaches year after year, it points to a different problem altogether – that even accepted security best practices can sometimes leave gaps.
According to a recent PWC survey, 54 percent of respondents buy products online every month. And millions of employees shopped online yesterday with their work devices on business networks. The critical business threat: Will any of your business computers or networks get infected with malware when employees make personal online purchases?
News reports about new data breaches have become an all too frequent occurrence. But cyber attacks can’t and don’t stop state and local governments from getting on with the business of governing. It’s easy to fall into a state of paralytic fear about attacks and data breaches, but in the meantime, state and local governments need to deliver the services their citizens rely upon, and continue to leverage technology to expand and improve those services.