By David Glenn, Executive Vice President at Creative Breakthroughs, Inc. (CBI)
Creative Breakthroughs, Inc. is an innovator and leader in developing and delivering IT advisory services, network security, integration and infrastructure management strategies. And with “creative” in our name, we pay special attention to the never-ending evolution of today’s cybercriminals, constantly developing new and sophisticated ways to attack our customers. Fortunately, we have a valuable resource in this continuing struggle: The Internet Security Threat Report (ISTR) from Symantec.
The ISTR is a valuable document that we leverage each year to provide our customers with up-to-date research on the current threat landscape. And with CBI’s core business focusing on technology solutions for highly regulated industries for the last 22 years, we found the cyberthreats our customers are concerned with map significantly to the ISTR key trends this year. Knowledge is power, and we’re recommending that our consultants and account managers review the ISTR and share the findings via active discussion sessions with customers of all sizes and industries. The ISTR helps them educate customers on growing cyberattacks and threats to privacy, and work with them to design and implement a comprehensive security strategy to mitigate risk and provide the best protection possible.
The Symantec ISTR serves multiple functions for our customers:
- Helps them justify technology expenditures to executives
- Helps provide statistical information that they can use in their security awareness training programs and risk management presentations
- Provides valuable reference information to help them assess their own threat vulnerability
- Gives a basis for additional research to build upon and to reference
- Provides recommendations for how to respond to existing threats and vulnerabilities
In our experience, more and more small to mid-sized businesses are becoming victims of the same kinds of threats and attacks that affect larger organizations. And, typically, smaller organizations have fewer effective information security controls in place. This affects enterprises too – regardless of their own security practices –because the small companies they do business with are more vulnerable and often store sensitive data from their large enterprise partners that can be accessed and exploited.
The ISTR demonstrates how attackers are getting smarter. We’ve seen the evidence of targeted attacks that collect data over extended periods of time both for financial gain and for industrial or state-sponsored espionage, growing in frequency and level of sophistication.
Mobility continues to be a growing concern for our customers as well, as usage of BYOD (tablets, personal smartphones, etc.) continues to expand, with business and personal information existing side by side on the user’s device. Today’s enterprises need to address the potential risks personal device use in the workplace poses, including the exposure of confidential company data.
We are seeing more complex communication methods from attackers, as well as ever-increasing cyberattack entry points. Hactivists and financially driven malicious attackers are moving away from email (even though we all still get those annoying phishing emails) and moving towards LinkedIn, Facebook, Instagram, Pinterest and other social media platforms as the preferred mode of contact. To us, this demonstrates how crucial a multi-layered approach to security is in order to maintain the integrity of your network and ensure your data is not compromised.
If you’re not using the ISTR as an educational, decision support and reference tool, you are missing out on a tremendous resource. No matter the size of your organization, your role, or your current level of knowledge about information security threats, this is must-read data. In fact, I find the report so valuable that I typically have a copy of this on my iPad, a copy on my laptop, and a physical copy for reference in my office.
To view the Symantec Internet Security Threat Report (ISTR), Volume 18, please visit: http://bit.ly/12itXeG
For additional information on the Symantec Internet Security Threat Report (ISTR), please visit: http://bit.ly/WZoj0k