According to a recent report from the Internet Society’s Online Trust Alliance, hackers made an estimated $45bn from cyberattacks in 2018. With the number of cyberattacks increasing by 50% in 2019 compared with the previous year, it is imperative that organisations take their cybersecurity measures seriously.
Regardless of how the cyberthreat landscape evolves in the future, it is clear that businesses will need to invest additional resources and skills to protect their data.
In light of this, Heficed, a London-based company offering flexible and custom IP address infrastructure solutions, cloud services and dedicated servers, has laid out three key areas organisations should focus on for the rest of the year in order to keep up with new cybersecurity threats.
Increased attacks on cloud infrastructure
With the cloud computing market predicted to grow to over $200 billion in 2020, it has become the go-to network infrastructure for many businesses. However, according to Heficed, some organisations are not paying close enough attention to the safety of their data.
According to Skybox Security, there has been a rapid rise in vulnerabilities in cloud containers. Furthermore, last week the Financial Times reported that Israeli cyber-intelligence firm NSO Group has software capable of hacking cloud software (which NSO has denied).
Vincentas Grinius, CEO of Heficed believes that organisations should be aware of the risks, especially when using a third-party provider:
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
“As a cloud provider, we are aware of the rising number in DDoS attacks globally, as well as other attempts to breach the security of the cloud. Per usual, the more access points are available within a platform or data stored on the cloud, the higher the risk. If using third-party solutions, enterprises need to pay extra attention to securing their data. When it comes to the cloud providers, their customers need to make sure that their provider is putting the effort in properly segmenting their servers, so that an attack on one customer wouldn’t compromise the whole platform.”
Vulnerability of IoT networks
Another IT industry on a steady rise is the Internet of Things, which is predicted to double by 2021 and reach $520 billion. As is expected, this growth has led to a rising number of cybersecurity attacks on IoT devices with vulnerabilities.
Earlier this month, for example, it was reported that a security flaw in Zipato smart home devices could allow hackers to unlock homes.
“From a network infrastructure point of view, every connected device might be a potential threat,” added Grinius. “Phones, smartwatches, even smart home appliances, among other devices, might be used as access points and compromise whole networks. If the users do not update their devices regularly and take other precautions, they could be responsible, even without knowing, for enabling potentially damaging network-wide cybersecurity threats.”
Dangers of phishing
According to Verizon, 32% of all data breaches in 2018 were connected to phishing, with it remaining attack of choice for many cybercriminals. As this type of attack relies on human error, it is essential that organisations ensure good cybersecurity practices are rolled out throughout businesses.
“To successfully tackle phishing, companies will have to invest in tools that monitor employees’ email traffic more closely, in making sure the systems used are always updated, and in cybersecurity training plans that would make employees aware of the threats and how to behave when confronted by them. A training plan like this could include a phishing simulator and constantly updating the employees on new phishing methods.”