2017 is the year when Global IT Forums are putting efforts to drive awareness of cyber security risks which in fact a high risk but very low focus Let's have a look on some of the some of the leading causes of data leakage & cyber threats. Key points as follows:
1. Organizations are failing to cover the cyber security basics
An NTT Group report showed that the top ten external vulnerabilities accounted for nearly 52% of all identified external vulnerabilities. Something as simple as applying available updates for operating systems and applications could prevent basic exploits.
2. Exploit kits continue to threaten organizations' defenses
According to Microsoft, exploit kits account for 40% of the most commonly encountered exploits. 2016 was characterized by a change in the exploit kit (EK) environment.
3. People are the weakest link when it comes to cyber security
Worse than external attacks are malicious insiders, because they take advantage of their position within the company and their privileged user access to gain information for their own use – often with a financial motive.
Verizon reports that privilege abuse is the leading cause of data leakage by malicious insiders. To help manage this risk, every company should know where its data is and monitor the activities of authorized users.
4. Phishing costs businesses:
Disruption of employee activities, malware infection, compromised accounts and loss of data are all consequences of phishing attacks. Lost employee productivity is the largest cost associated with phishing, in the range of $1.8 million for a 10,000-person company, as Ponemon Institute reported.
5. The ransomware business is still booming.
According to an August 2016 report from Osterman Research, almost one out of every two participants indicated that their organization had suffered at least one ransomware attack in the past 12 months. The report identifies that emails with malicious links and attachments account for 59% of ransomware infections. Users are more than twice as likely to be infected by clicking something in an email than by visiting an infected website directly.
6. The risk from OAuth connections is growing amid an app explosion
Non-sanctioned applications create a risk for enterprises. They connect with the corporate infrastructure and can communicate freely with the corporate Cloud and software-as-a-service (SaaS) platforms at the point that users grant access through open authentication. According to Cisco, 27% of 222,000 assessed applications present a high-risk.