As many had predicted, 2018 has been rough ride for many organisations trying to keep their reputation intact and fend off lawsuits and fines. The year is far from over, and we’ve already seen over 53,000 incidents and 2,216 confirmed data breaches.
In April, Saks, Lord & Taylor suffered a breach exposing credit card details of five million users. In May, 150 million records were breached from MyFitnessPal – an app that monitors the diet and exercise of its users. And let’s not forget about the indelible Facebook breach, where more than 87 million records were scraped by political consulting firm, Cambridge Analytica.
So, what are companies doing to combat the torrent of online depravities? Below is a round-up of the three most important trends we’ve seen in 2018.
Improved Cloud Security
There’s no doubt that cloud computing is taking off in a big way, and with that comes a number of unique security challenges. However, most of the security issues that we see are not directly related to the technology itself, but the customers that use them. For example, according to Gartner, “95% of cloud security failures will be the customer’s fault”.
One of the main challenges we face when pushing operations onto the cloud relates to the poor authentication methods that are often used. To overcome this issue, organisations are choosing to implement more robust authentication protocols such as two-factor authentication (2FA), which includes a combination of something you know, something you have, or something you are. This could include biometric data such as fingerprints and facial recognition, or perhaps some kind of hardware device.
These factors can be combined with security questions and passwords to provide an additional layer of security. In addition to improved authentication methods, cloud auditing solutions have come a long way in the last year – providing cover for Office 365, Amazon S3, Dropbox and many more.
A Greater Focus on Insider Threats
According to recent report by Kaspersky Lab, over half of the companies they surveyed believe that they are at risk from insider threats, and that “careless or uninformed employees contributed to 46% of cybersecurity incidents in the past year”.
The good news is that an increasing number of companies are waking up to the importance of monitoring user behaviour. This includes using automated tools to detect, alert, report and respond to privileged account access, suspicious file and folder activity, unauthorised mailbox access and inactive user accounts.
Additionally, such tools can automate the process of reminding users to reset their password and respond to events that match a predefined threshold condition – such as the bulk encryption of files or anomalous login failure.
Of course, technology alone cannot protect a company against insider threats. They must also educate employees on data security principals and policies, and highlight common security threats, as and when they arise.
Wider Adoption of AI and Threat intelligence
There is, and has always been, a serious shortage of IT security professionals. In fact, some research has suggested that the skills shortage is actually getting worse. Of course, this problem cannot be solved overnight.
To combat this, an increasing number of organisations have been leveraging technologies that are capable of detecting security threats with the least amount of human intervention possible. As it stands, most organisations lack the ability to differentiate between a legitimate user, and an attacker using stolen credentials.
AI enables organisations to detect potential risks by analysing patterns of behaviour, and then correlating these patterns to a pre-compiled database of typical usage patterns. These patterns could include anything from typical working hours, typical access to files, folders, email accounts, and so on.