The rapid advancement of technology and growing capabilities of the internet has brought us to a much more sophisticated level across different areas: healthcare, business and even our own homes. We’re constantly connected through things like advanced cloud file storage at work to intelligent home assistants in our kitchens. One of the unfortunate trade-offs with our progress includes increased security risks. These connections give hackers more opportunities to invade our privacy and steal our information.
It is fair to say that 2018 has seen a huge amount of cases where both well-known and not so well known brands have seen data breaches that have raised serious questions. With the introduction of GDPR back in May this trend will only continue to rise. This is why you should ensure you don’t miss Kevin Mitnick's session on Wednesday 17 October at Cyber Security Atlanta 2018 .
Kevin knows better than most what motivates those on the other side of the ethical hacking fence and equipped with his white hacker hat, he will illustrate the latest threats and risks most people don’t even know exist.
Just as employees expect to work in a physically safe space, they also expect that their digital work is taking place on a secure network. They want to feel that their hard work crunching company data will be protected from hackers seeking to steal or manipulate the information, and they want to be able to trust that the files they receive from their coworkers are safe. IS professionals are the knights tasked with protecting their companies’ digital realms from invaders to ensure a safe working community.
Just when cyber security professionals figure out how to combat and guard against one type of attack, another stronger malware attacks an unsuspecting — and unprepared — network. Newer, more evolved attacks are designed to skirt antivirus software and firewalls and access a targeted network.
Identity and access management tends to be a balancing act for information technology professionals. They want their networks to be secure, but they don’t want to deal with complaints from fellow employees that it is cumbersome and too time-consuming to log on to a network. For example, frequently changed, hard-to-remember passwords might be a hindrance to workers, but they often are crucial for blocking hackers from accessing a network.
With more and more data stored online these days, hackers have plenty of reasons to attack company networks to modify or steal data and even hold it for ransom. Cybint Solutions , a cyber security and legal support organization, estimates that a cyber attack happens every 39 seconds. This means that companies and websites are being bombarded by malicious users. It’s easier for information security professionals to thwart these attacks when they are launched head-on from the outside. Unfortunately, more and more attacks are occurring on the inside through social engineering, which makes them harder to predict and prevent.
Cloud computing is one of the hottest trends in IT today. Cloud adoption is at its peak, with 81 percent of cloud-using companies employing a multi-cloud approach and only 5 percent of companies not using any cloud solutions, according to Right Scale. The average company accesses about 5 private and public clouds, which can include AWS (64 percent of companies), Azure (45 percent), Google Cloud (18 percent), IBM Cloud (10 percent), VMware Cloud on AWS (8 percent), Oracle Cloud (6 percent) and Alibaba Cloud (2 percent), according to its “2018 State of the Cloud Report .”
As developers are tasked with churning out new applications in record amounts of time, cyber security professionals are left with less time to check for cyber security holes and protect these apps against hackers and other potential breaches. This means that apps often have lengthy windows of vulnerability until cyber security issues are uncovered and addressed. The 2017 “Application Security Statistics Report ” by WhiteHat Security reports that approximately 50 percent of applications are vulnerable every single day of the year.
Hackers aren’t just after your data; they’re after your computer power too. These internet thieves have figured out how to use unsuspecting individuals’ computers to mine for cryptocurrency, particularly the Monero cryptocurrency, for their own profit. This is known as cryptojacking. The process is surprisingly simple: Even a novice hacker can purchase a kit for about $30 on the dark web and start mining, according to Digital Shadows’ report “The New Gold Rush: Cryptocurrencies are the New Frontier of Fraud .” These hackers can access a remote computer through traditional phishing or through a more innovative and less invasive method — by hijacking a computer’s internet browser, CSO reports.
In just two months, the General Data Protection Regulation (GDPR) will take effect in the European Union. This new regulation is not limited to just companies that have a physical presence in the EU, though. Any company that offers goods or services to people in the EU or monitors the behavior of EU data subjects, such as through advertising campaigns, will be bound by this new legislation. These types of companies could include U.S.-based hospitality and travel agencies, software companies, and e-commerce sites. This represents a shift from the current directive and will create challenges for companies that have a digital presence in the EU.