These are restless times for security teams as they face highly motivated adversaries and an onslaught of very active and progressive cyber-attacks. Today’s hacking techniques are stealthy, unpredictable in nature and waged by skillful attackers capable of developing innovative ways of circumventing security defenses. One new and increasingly popular technique that is becoming the status quo among malware writers today is the malicious use of encryption.
There is no end to the danger of cyber-criminal activities, as long as there is an underground marketplace that makes it almost impossible for authorities to intervene and enforce law and order. We continue to see our adversaries relentlessly going after money by developing and experimenting with different methods and tools against new and existing vulnerabilities, in preparation for the next phase of their business model.
Since the release of SonicWall Capture Advanced Threat Protection (Capture ATP) in August 2016 on SonicWall firewalls, we have seen a lot of unique behavior from authors of malicious code, namely ransomware. Up until Christmas 2016, Locky received a lot of attention from security firms but then took a backseat during the holiday season.
Ransomware has forced organizations to rethink their security architecture. Organizations are increasingly investing in security solutions that provide additional protection of sensitive data, as well as better visibility over network traffic and endpoint activity. According to IDC research, 60% of organizations surveyed indicated that modern endpoint and network security products such as network sandboxes were either a high priority or an extremely high priority over the next 12 months.
Last week I was at one of our sales offices in Utah. I heard an interesting story about how a dentist's office called in to ask for threat prevention against ransomware. The dentist's office had been affected by ransomware twice in a short period of time. Twice, they paid the ransom to ensure business continuity and customer retention.
The data is still coming in, but it’s looking like consumer spending this holiday season will once again outperform previous years. Multiple research firms including the National Retail Federation (NRF) are predicting a growth in sales over the same period in 2015. Credit card vendor Mastercard is forecasting a 19% increase in online sales over the holidays.
In most organizations, the same issue is being felt: how can network security be increased, within a budget, without lowering performance? How much risk is acceptable? If your organization is not facing this issue, you should be looking at the growth of encrypted web traffic (HTTPS) and cloud computing and how your current firewall maintains performance and/or efficacy in this new environment.
Designed to strengthen protection of personal information for all EU citizens, the General Data Protection Regulation (GDPR) goes into effect in May 2018 and may affect companies of all sizes, in all regions, and in all industries, that hold EU citizens' personal information. Those that fall victim to a data breach once the GDPR is in effect risk significant fines (up to €20 million or 4% of their global revenues) and a loss of reputation that could bring the business to its knees.
Preventing your organization from being the victim of an inevitable cyber-attack is paramount, so it is important for us to kick off this blog with an important risk question.
Do you know whether or not your organization’s firewall is inspecting HTTPS traffic traversing its networks?
I have polled this question on numerous webinars I have conducted over the past year.
There’s no question companies are being more proactive in their network security approach than ever before. We’ve made substantial gains as an industry, in terms of cybersecurity education and adoption rates across businesses of all sizes. But when major technology companies with multi-layered security programs are still falling victim to breaches year after year, it points to a different problem altogether – that even accepted security best practices can sometimes leave gaps.