In the last decade, we’ve seen massive innovations in the digital landscape, from streaming live media to cloud computing to Beacon-enabled geolocation technology to IoT-enabled “smart” appliances. Mobile adoption has risen at a dramatic rate: Today, 81% of Americans own smartphones, up from just 35% in 2011. We’re consuming more data than ever before.
We’ve also seen how easy it is for malicious actors to access and corrupt this data: The number of data breaches has steadily jumped in the past decade, with 945 data breaches reported just in the first half of 2018, resulting in 4.5 billion records exposed.
How can you ensure your company’s data security in the coming year? Here’s a look at trends in cybersecurity risks to be aware of.
1. Security gaps related to 5G networking
Many organizations see huge potential in moving to 5G networking, which promises dramatically increased bandwidth and faster downloading and uploading speeds. But transitioning to 5G without a dedicated network security plan can open your company up to huge security risks, as there is a much larger attack surface available with increased connectivity. A solid network security plan should include virtualization, AI-driven threat detection, a zero-trust environment, and a shared security model.
2. Smishing
Never heard of smishing? It’s phishing’s evil cousin, “SMS” phishing. Over the last couple of years, scammers have increasingly been targeting individual consumers with text messages falsely claiming to be from banks, stores, or government institutions and asking them to share bank or credit card details. If you operate a business that is likely to be impersonated in this type of scam, make sure to produce educational collateral to share with your customers advising them to be aware of smishing and phishing scams, and include two-factor authentication for logins to any sensitive financial data.
3. Mobile malware
In the first half of 2019, malware attacks against mobile devices jumped by 50% compared to the previous year. The Android platform is particularly susceptible, with some forms of malware shutting off the Google Protect security settings so that financial data can be stolen from banking customers. The most common form of mobile malware, Traida, even grants the hacker super-user privileges on the user’s phone, allowing them to download additional forms of malware and to spoof URLs. Mobile malware is a huge threat to companies that use BYOD policies—make sure that any employee who uses their mobile devices for work-related activities has a strong mobile antivirus tool installed, and review policies to help them be aware of potential phishing or smishing schemes.
4. Supply chain attacks
Your business is only as strong as your weakest link. Even if you’ve invested in enterprise-grade network security protection, it doesn’t make much difference if you’ve provided third-party vendors with unrestricted access to your network. If your vendor has looser security protocols and falls victim to a hack, you’ll suffer just as much damage as if your business had initially been breached. Whenever you’re contracting with third party vendors—including CPAs, lawyers, or even MSPs—be sure to ask them about their internal security protocols to ensure that they’re up to snuff, and limit the data you share with them to only what’s necessary to do the job they’ve been contracted to do.
#TekTips
So, what can you do before the ball drops on a new decade to prepare your company for a secure 2020?
- Audit your tech stack. Look at what software you’re using, both on desktop and mobile, and analyze what permissions you’ve granted to each. Can unnecessary software be eliminated, or unnecessary permissions be rescinded? The more access you provide, the more likely you are to fall victim to a data breach. It’s also a good time to ensure that you’ve installed all necessary software updates and patches.
- Educate your employees. One of the most crucial tools for safeguarding your business is a well-informed workforce. Take the time to train or refresh your entire team on the basics of strong passwords, two-factor authentication, avoiding phishing scams, BYOD policies, and other cybersecurity essentials, and test their knowledge to make sure they paid attention. Most breaches occur due to employee negligence, so ensuring that your team is aware will help you stay safe
Have questions about Cybersecurity or anything discussed in this article? Contact us below!