The team at Cognitio works with organizations across multiple sectors of the economy to help reduce digital risks. This work keeps us directly engaged with operational cybersecurity defenders seeking solutions against a wide spectrum of threats. We also publish the strategic cyber intelligence newsletter Threat Brief, which provides forewarning of cyber threats and best practices for mitigating them. This post captures insights from our engagements as well as the daily Threat Brief in a way designed to inform your strategic planning for 2017.
Strategic Threat Trends To Watch In 2017
- The Threat of Digital Swiftboating is Growing: Digital Swiftboating attacks are the rapid use of media, especially social media, to damage brands, sometimes for financial gain (including to benefit activist shareholders or in attempts to manipulate stock price). This type of attack can include specious/unsubstantiated claims that can pose major threats to high profile brands. We expect this type of threat will become one of the most talked about cyber threats in the boardroom. Not all false stories come with the speed of a Swift Boat. CEOs and board members need to have plans in place to limit the damage from any false story and false information.
- More Cyber Attacks Combined with Media Attacks: Executives should especially guard against the combined cyber attack and media attack. Orchestrating false stories in ways that distract leadership and then executing cyber attacks can increase the chance of adversary success. Incident response plans should be practiced in ways that help teams stay agile and vigilant for cyber intrusions and DDoS attacks when false stories are detected. Those firms with agile and proactive media strategies and experienced leadership will stand better chances of weathering these types of storms.
- Weaponized leaks and disclosures of information you wanted kept private can threaten your business: Unauthorized disclosures of information can come from traditional hacking, accidental spills, or the particularly insidious leaking by trusted insiders or business partners. All indications are that these types of attacks are on the rise. Now is the time to think through your data classification strategy and the encryption and controls around your most sensitive data. Also think through how you will respond to incidents in ways that mitigate damage.
- Cyber Attacks Will Be As Sophisticated (or not) as They Need To Be: The point here is to remind you that it is not just the new and elegant attacks that will threaten you. If an attack works against you it does not matter if it was sophisticated or not. Most attacks we are seeing today, unfortunately, had very humble beginnings. For example, over the past several years the efficacy of phishing attacks has shown that this is a typical, easy attack that yields good results for adversaries.
- Your Anti-Phishing Attack Training Program Will Have Great Metrics, But Will Lack Efficacy: Training on lower-level attacks like phishing can help and is important, but prepare for the training to let you down. The bad guys are going to find a way to play off the good nature of your employees to trick them into clicking something. The link may come via email, Twitter, Facebook or even a phone call or letter for your employee to type into a browser. A well-intentioned user will be deceived into clicking on a nefarious link to a malware-infected site.
- Ransomware Continues To Evolve: The many variants of ransomware in the wild today will continue to evolve with features designed to keep this insidious form of malware productive for cyber criminals. It will be more covert, will have more channels into your organization, be able to spread further to servers and backups, and will have new ways of threatening your core business unless you pay up. The C-suite needs to consider scenarios where this growing threat holds your core data at risk. What will your response be? What can you do to mitigate the chance of ransomware spread?
- The Internet of Things Poses Threats Many Are Not Anticipating: Businesses of all sizes are thinking through how to better secure their infrastructure with multiple new devices now joining it. But the coming Internet of Things also poses new external threats. Consider, for example, that your clients are soon going to have hundreds of devices connected at their home, in their vehicle, and in their clothing. Those customers are going to want to interact with you in ways that are most convenient for them, including via many new IoT-enabled channels. You will want to reach them via any path easy for them so that they choose you over your competitors. How will you do that without opening new security vulnerabilities? And for firms in the finance and medical fields, if you have a client, member, or patient with your data on their home devices, and if it gets compromised, could that cause damage to your brand even if it is not your fault? IoT is also being used for DDoS attacks on infrastructure, which can be mitigated with careful planning.
- The Industrial Internet of Things introduces new threats, including to your supply chain: New approaches to manufacturing are here, but unfortunately security approaches are not keeping up. Executive leadership of firms in the manufacturing sector should ensure this is a topic high on the priority list to mitigate. This includes keeping awareness of how your supply chain operates and manufactures their pieces of your solutions.
Our view on the above: All businesses today operate in a very dynamic threat environment. Automation and agility in defense and response is a key strategy for 2017. Preparing for this agility is a priority that should be addressed not just by the security and IT team, but by boards and the line of business executive teams. Mitigating the new and evolving risks to business is a team sport.
Remember you can put Cognitio on your side in mitigating the digital risks to your business.