Friday, March 4, 2016

Top 4 Security Concerns of 2016 and How to Prepare Yourself

Top 4 Security Concerns of 2016 and How to Prepare Yourself

Each year technology is getting smarter, smaller and more ubiquitous.  This technology is empowering a more productive workforce, but it is also empowering hackers with more tools to disrupt and plunder businesses and individuals. So what are these threats and what can you do while at work or home to prevent a breach? Keep reading!
1.  Social Engineering and Phishing Attacks Increase.

In an ever increasing arms race between information security professionals and the global network of hackers, hacktivists, and script kiddies the good guys have managed to develop a myriad of technologies to stop them in their tracks.  But there will always be an Achilles heel to this technology that can never be removed entirely from the loop - the human element.  Phishing, phone scams, and other social engineering techniques are proven and reliable ways for criminals to gain a foothold in any company.
What can you do about it? 

Slow down - Thinking before you click is always the best option.  Do you really need to click on that hyperlink from an unknown sender? Hover over any hyperlink to make sure it is going to a trusted location.

Double Check the “To” line - Have you double checked who you are replying to in an email?

Question callers - Should you go to a web page that some random person on the phone just instructed you navigate to?  The answer is no.  More often than not, IT staff will reach out to people who have contacted them first.

2.  Smartphones Make A Smart Target For Attackers

According to a 2015 Pew Research study nearly two thirds of Americans now own a smartphone.  From a smartphone you can bank, buy food, get a ride home, or track your fitness. These devices provide a staggering amount of information about you and the world around you, but they can also provide would be attacks with a treasure trove of information if they gain physical or virtual access to your device.  How can you prevent this access?

Harden your phone - The best way to prevent physical access to your phone is with a simple lock screen.  Most phones these days offer many quick and easy ways to lock your device.  Pins, patterns, pictures, and fingerprint scanners are available on many models of phones.
There is no such thing as a free app - Many free apps include ads to generate revenue.  These ads may or may not be policed and could take you to a malicious site if you intentionally or accidentally click on them. 

Practice app austerity – Do you really need 40 apps on your phone? Try removing old/unused apps and also be sure to do a bit of research (read negative reviews or google the app) before you install something on your phone.  While the vast majority of app developers are not malicious they may still collect a ton of information about you.  This information could be exposed if they are hacked.

3. Does My Toaster Have A Virus?  The Internet of Things (IoT) Is Almost Here

Did you get a smart TV this Christmas? How about a smart watch or maybe a smart fridge?  These types of devices are all part of the Internet of Things (IoT).  As with any connected device, the more popular the device, the more likely it is to be the target of attacks.  There are very few known vulnerabilities for these kinds of devices, but that doesn’t mean they are invulnerable from attack. 
Keep your device up to date - If you own one of these devices make sure to be vigilant and keep your device software up to date. Be sure to keep an eye out for news about possible vulnerabilities that could compromise your device.

4. Small and Medium businesses will become a bigger target for cyber criminals

A recent PricewaterhouseCoopers report revealed that 74% of SMBs experienced a security issue in the last 12 months, and this number will only increase due to SMBs being perceived as easy targets.  If one of your business’s clients or partners gets compromised their relationship with your company could be leveraged to social engineer your companies employees. 
The most likely avenue of attack would come from phishing emails or fraudulent phone calls coming from compromised email accounts or phone systems.  See item number one on how to prepare for this kind of attack.

Which of these threats concerns you the most?  Please discuss this, and anything else in this article below!