1. Threat / Log analytics
In 2017, you would think every company with sensitive data, apps, or on-premises servers would be collecting logs. That is not the case: a lot of companies have been attacked, and the hackers seem to leave without a trace. So what are logs? According to Wikipedia:
In computing, a log file is a file that records either events that occur in an operating system or other software runs, or messages between different users of a communication software
In any given system there are many kinds of logs:
- Remote access logs
- Windows Event logs
- Network device logs
- Unix System Logs
- Firewall event logs
- DHCP Logs
- SNMP Logs
- Firewall logs
Logs will always help you seal the weakest points in your systems. If you are smart enough, you will collect the logs in a central repository and have alerts set up. If that is all too much, you can hook up your PCs and servers to send logs to a cloud service that can scan them on your behalf, e.g. Azure OMS. The service is amazing, as it does all the heavy lifting of scanning the logs and gives you actionable insight before the damage is done. The threat signatures are updated daily by companies like Microsoft, who have the manpower.
Lastly, to summarise what logs can do: "anticipation-detection-response".
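An added example (not part of the original article) of why a central repository with alerts matters: a source that fails only a couple of logins on each server stays under every per-host threshold, but stands out once the logs are combined. The log lines, hostnames, addresses, threshold and function names are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: sshd lines from three hosts as a central collector would
# store them. Hostnames and addresses (documentation ranges) are made up.
SAMPLE = """\
Mar  3 10:00:01 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:00:04 web01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
Mar  3 10:00:09 db01 sshd[402]: Failed password for root from 203.0.113.7 port 51200 ssh2
Mar  3 10:00:12 db01 sshd[402]: Failed password for invalid user oracle from 203.0.113.7 port 51201 ssh2
Mar  3 10:00:15 mail01 sshd[377]: Failed password for root from 203.0.113.7 port 33010 ssh2
Mar  3 10:00:19 mail01 sshd[377]: Accepted password for backup from 203.0.113.7 port 33011 ssh2
Mar  3 10:02:40 web01 sshd[812]: Failed password for alice from 198.51.100.20 port 50022 ssh2
Mar  3 10:02:51 web01 sshd[812]: Accepted password for alice from 198.51.100.20 port 50023 ssh2
"""

LINE = re.compile(
    r"^\w{3}\s+\d+ [\d:]+ (?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) "
    r"password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def parse(text):
    """Return host/result/user/ip dicts for sshd password events."""
    return [m.groupdict() for m in map(LINE.match, text.splitlines()) if m]

def per_host_alerts(events, threshold=3):
    """What each server sees alone: failures from one IP on one host."""
    fails = defaultdict(int)
    for e in events:
        if e["result"] == "Failed":
            fails[(e["host"], e["ip"])] += 1
    return sorted(k for k, n in fails.items() if n >= threshold)

def central_alerts(events, threshold=3):
    """Central view: failures per IP across all hosts, then a success."""
    fails, hosts, alerts = defaultdict(int), defaultdict(set), []
    for e in events:
        ip = e["ip"]
        if e["result"] == "Failed":
            fails[ip] += 1
            hosts[ip].add(e["host"])
        elif fails[ip] >= threshold:
            alerts.append({"ip": ip, "failed": fails[ip], "hosts": sorted(hosts[ip]),
                           "login_as": e["user"], "on": e["host"]})
    return alerts

if __name__ == "__main__":
    events = parse(SAMPLE)
    print("per-host alerts:", per_host_alerts(events))
    print("central alerts:", central_alerts(events))
```

On the sample, no single host reaches the threshold, while the combined view flags the one source that failed across three servers and then logged in; the user with a single mistyped password is not flagged.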
2. IoT Security (End Point devices)
In the last 3-5 years, as smartphones have taken off, so have smart devices that connect to the internet: doors, microwaves, speakers, webcams, pet feeders, etc. The list could go on and on. However, as these devices are produced in the billions, a lot of them are not safe. According to Cisco, there will be at least 50 billion IoT devices in the world by 2020. This will present a cyber security headache of a magnitude not seen before.
In the last year the world experienced the "Mirai Bot attack", in which hackers take over these devices with very poor security and make them part of a botnet, which is eventually used to perform DDoS attacks.
Manufacturers have been quick to release software updates in the months after, advising a lot of end users to update the firmware on their devices. Any investment you make in IoT should be made with very deep scrutiny of the security protocols the device uses.
TIP: Most old WiFi routers have the default username: admin password: Password (CHANGE THEM AFTER INSTALLATION)
Lastly, cyber criminals will target organisations that do their own spam filtering. A lot of the big e-mail providers (Google, Microsoft, Yahoo) have gotten pretty good at identifying Ransom attacks, and they are constantly updated to keep up with the ever-changing tactics the criminals use. However, organisations that rely on systems that are rarely updated will fall victim more often.
4. Credential Theft
When talking about cyber crime, the topic of credential theft will always be prominent. A lot of this theft happens without the knowledge of the victim; often it is a phishing attack or malware that was preinstalled on the system. As many different industries bring their systems online, hackers will regularly try to steal credentials from end users and databases. In fact, a lot of the time when hacking is in the news, it has to do with credential theft, i.e. usernames and passwords. The biggest such hack was that of Yahoo, in which hackers compromised more than 1 billion accounts. You can read that here. For most organisations, a lot of end user training and updating of systems will have to be done to prevent data breaches.
5. Talent Hiring
With all the noise being made about cyber attacks, cyber criminals and cyber crime, it's easy to see why this is the year that every company begins to think about hiring an IT security professional. Over the years, whenever IT jobs were advertised, it was standard to find "Network Administrator". This has become normal, but as network devices have become more stable and easier to configure, it's time the role was changed to a "Security" role.
You will want to hire someone who understands vulnerability management, cyber analytics, fraud monitoring and malware analysis. Finding these skill sets is not easy, and it may involve your company training existing IT staff.
Are there any trends you feel I left out? Please leave a comment below and share the article.