Cyber Security Predictions for Small Businesses and Organizations
The good news: most companies and individuals are more aware of cyber risk than previously. Cyber security measures do work.
The bad news: small businesses continue to be victims of cybercrime, and this trend will increase.
As Dan Leary at White Hat Security states: Companies will continue to get breached because of simple vulnerabilities. We have seen year after year that vulnerabilities we knew about at the turn of the century continue to be exploited leading to massive data breaches that effect both companies, and their users.
Other predictions include:
Malware attacks will continue to increase and be even more creative and potentially damaging. McAfee Labs believes that malware will peak mid-2017 and then subside, but other security experts are not so optimistic.
Ransomware will get more aggressive. Creative criminals are asking their victims to share the malware with their friends before the criminal unlocks the victims’ files. The friends have to pay the ransom before their files are then unlocked. There is also less honesty with the ransomware crooks. Even though a victim pays the ransom, the crook leaves coding on the infected system to be activated later.
A new variation predicted by Watchguard Technologies is ransomworms that can slither through a network and attack more than just one system.
Increase in drone use will come with cybersecurity risks. Drone use will expand to physical security surveillance, potentially deliveries, and videoing for training purposes. The ability to hack a drone, which is a variation of an Internet of Thing, will be actively pursued by creative cybercriminals.
Nation states will attempt to influence elections, perpetuate false news and exert other forms of disinformation. While the focus has been primarily political targets, these tactics may migrate to companies in an effort to influence or control business decisions.
Symantec forecasts that rogue nation states will fund their initiatives with money stolen via cybercrime.
A potentially new target for cybercrime may be religious organizations. Fireeye identified this segment since these organizations often maintain contact and sensitive information but may not have robust security measures in place.
For a good roundup of predictions from key cyber security experts, check out Dan Lohrmann’s blog at Government Technology online magazine.
What small businesses can do
Be ever vigilant and continue to reassess your potential risks. Your business is seldom static and therefore risk management should not be static.
If you are a board member for an organizations beyond your actual company, think about potential risks to the organization and if it has sufficient security measures.
Continue to manage your risk in 2017 to at least the level you did in 2016. Cybercrime will not diminish in 2017. With an increasing healthy economy, small businesses may be a bigger cybercrime target than in previous years.
About the Author- Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.