In the contemporary commercial world, few issues morph and evolve year after year in the way that cybersecurity does. Not only is the persistence of hackers and viral attacks seemingly never ending; we also must consider that, regardless of their size or industry, the average business has more sensitive data and greater levels of digital infrastructure to protect than ever before.
It might seem logical to think that the biggest threats to cybersecurity come mainly from external sources - from hackers and malicious programs that are looking to infiltrate your security system and steal whatever key information they can find. In 2017, this isn't necessarily the case.
According to the Harvard Business Review, that the success of attacks is equally dependent on the people and employees within these businesses. So, is it human behaviour or malicious programs that pose the biggest threat to modern cybersecurity? Let's take a closer look at these two key factors.
Protecting The Internet of Things (IoT)
From laptops to backup servers, smartphones to tablets, it seems like every year there are dozens of new devices added to the increasing realm of IoT. And while maximum connectivity between devices is an impressive prospect in many respects; it also leads to a new set of inevitable security challenges, particularly for businesses that operate a large number of devices as part of the same digital network.
One particular threat growing in line with IoT development is that of botnet DDoS attacks. Also known as a "zombie army," these botnets are effectively groups of hijacked internet-connected devices that are controlled via malware from a remote location that has nothing to do with the location of the devices themselves. The clandestine nature of these attacks means that the device's rightful owner may be completely unaware that their device is performing several unsolicited tasks at any time, even while they are using it.
Cyber security providers remain dedicated to naming and shaming any identified botnets - such as Mr Black, Cyclone or Nitol, known by the malware kid that created them rather than the people who control them, as the latter largely remain unidentified. Protection from botnets is provided to webmasters and network administrators in the form of cloud-based DDoS protection services.
On the other side of a very interesting coin is human error. Several surveys have been conducted in recent years - notably the Ponemon Institute in 2015, and Nuix in 2016 - that reveal the extent to which human behaviour and employee negligence impact the average business' digital security system. This is particularly relevant in the IT, banking and healthcare industries, where there may be a significant amount of sensitive data stored on one particular system.
There are are many human factors that may lead to a data breach. For instance, if an employee uses their own personal computer for work and does not update their password regularly or download OS security patches when they are released, they leave themselves (and the company) more susceptible to attacks. This puts the onus on managers to ensure a policy through which their staff have access to sufficient training that makes them aware of the issues they themselves may cause to the wider business.
All things considered, keeping data safe and ensuring the correct level of digital protection and firewalls are activated is certainly a must in today's digital world. But if businesses want to remain as protected against cyberattacks as possible, they also need to address their own training policies around digital security and ensure that their employees stick to it.
