Another year, another IP EXPO Europe over. With over 300 seminars, 15,000 visitors and keynotes from some of the world’s leading IT minds, it was a busy few days. Not to mention the hordes of people taking on the challenge of creating their own Mini Fig at the Citrix booth!
Information security is always on the agenda, but after another year of high profile data breaches, new waves of zero-day attacks and an increased focus on cybercrime, three particular security trends were driving the conversation at this year’s IP EXPO.
Holding data for ransom
Today’s threat landscape is more advanced, more determined, and better equipped than ever before to exploit the weaknesses of organisations, many of which house a potential data goldmine. Many cybercriminals are turning to ransomware as a lucrative way to get rich quick without the hassle of selling stolen data on the black market. By encrypting critical data and demanding compensation for the decryption key, criminals can quickly bring an organisation to its knees.
Research from earlier this year showed that one in five (20 per cent) of medium-to-large UK businesses do not have any contingency measures in place in case of a ransomware attack, while almost half (48 percent) fail to back up their company data at least once a day. Despite the proportion of businesses that are simply not prepared for a cyberattack that could result in the loss of mission critical data, reduced revenues, and a decline in public trust, others are willing to save up in order to pay out.
Interestingly, a third (33 percent) of UK companies are now building a ready stockpile of digital currency, such as Bitcoin, in case of a ransomware attack, while over 35 percent of large firms are willing to pay over £50,000 to regain access to important intellectual property (IP) or business-critical data. With so many businesses preparing for their data to be held for ransom, it’s no surprise that ransomware continued to dominate the conversation at IP EXPO.
EU General Data Protection Regulations
EU General Data Protection Regulations will come into effect from May 2018, forcing many businesses to consider how to best prepare for new requirements. Every organisation will have to make a change, but some will be plugging bigger gaps than others, depending on the compliance processes previously in place.
The new requirements have been extensively discussed, but businesses are quickly realising that while understanding what is required isn’t difficult, successfully putting it into practice may be a challenge. IT must find a way to comply with the GDPR without letting it get in the way of the business or impede business processes. This requires finding a balance between implementing policies and checks, which can help the organisation avoid the hefty fines and reputational impact of falling foul of the GDPR, while ensuring business productivity is not affected.
From ensuring that basic cyber hygiene processes are in place and running regular spot checks to implementing multiple layers of protection, businesses can take simple steps to efficiently update processes and become compliant with the new regulations. Conversations at IP EXPO revolved around which steps to take in order to become compliant.
Not so long ago, many businesses would have hesitated before admitting to being subject to targeted attacks. Yet with cybercriminals increasingly choosing to focus in on taking down specific organisations, businesses are opening up about this trend. This has been largely driven by two main factors. Not only are companies more aware of attacks with increased insights from monitoring tools, but they are also more willing to talk publicly about cyber attacks than ever before.
Consider the powerful cyberattack that almost closed down French TV network TV5Monde in April 2015. The extent of the targeted nature of this attack has only recently come to light. The perpetrators first penetrated the network back in January, carrying out reconnaissance to understand how the TV network broadcast its signals before creating bespoke malicious software to corrupt and destroy the internet-connected hardware that controlled the TV station’s operations.
Targeted attacks are nothing new, but the level of transparency after an attack most certainly is. IT may wonder how much preparation can be undertaken against an unknown targeted attack if cybercriminals are determined on coming after you. It isn’t about attempting the Herculean feat of protecting every single piece of data and system. Instead, organisations need to be able to spot an attack quickly, determine the nature of the incident and try to get the intruders out as quickly as possible. A well-tuned response function in your organisation is vital once an attack occurs.
Intelligence sharing is another key step toward increased protection. Organisations within the same industry, such as critical national infrastructure or government, often share similar types of application or network, enabling them to share useful intelligence when an attack occurs. This can help to protect an organisation against targeted attacks levelled against specific vertical industries.
As cyber criminals continue to launch increasingly sophisticated attacks, it will be interesting to watch how these three trends develop and evolve. Perhaps IP EXPO 2017 will be a different conversation altogether as the threat landscape continues to shift.