Published on the 07/08/2014 | Written by Newsdesk
While ubiquitous internet connectivity is benefitting businesses, it’s also providing a rich seam for cybercriminals who continue to seek out enterprises’ weakest links…
Cisco’s just-released mid-year security report paints a bleak picture of the extent to which enterprises have so far succeeded in fending off concerted attacks by cybercriminals.
The report cites Ponemon Institute research which shows that in the last year the average cost of an organisational data breach has soared from $US4.5 million in 2013 to $US5.4 million this year.
While the report has not analysed data breach costs on a region by region basis it has for the first time identified by regions those industry sectors judged most at risk. While internationally media and publishing are most vulnerable, in the Asia Pacific/Japan region insurance companies top the list – in part, the report argues, because of the links that these organisations have with other businesses.
The insurance companies are seen as a weak link into networks of connected businesses.
The weakest link approach is a common theme in this year’s report which also notes the continued targeted approaches made to unsuspecting employees who might inadvertently provide information about or access to corporate networks. Social engineering attacks continue to blight organisational security according to the report, fuelled by the information that cybercriminals can gather about company employees from social networks such as LinkedIn.
If socially connected and unsuspecting employees are the weakest human link today, then the internet of things is expected to provide cybercriminals with weak technology links ripe for exploitation in the future.
Cisco estimates that by 2020 50 billion ‘things’ will be connected to the internet with varying levels of security.
Earlier this week HP warned that 70 percent of devices currently used to create ‘internet of things’ networks feature vulnerabilities in terms of privacy settings, authorisation and encryption.
According to Cisco the internet of things will provide what amounts to a source of big data for the black hats, noting: “When adversaries reach a point where they can begin correlating information from different sources – a car, a smartphone, a home automation system – they will be able to gain a much bigger picture about a user than if they were looking at information from only one device, system, or application. These details about users, from their shopping habits to their physical location, will allow actors to launch well-crafted, highly targeted campaigns at a level of sophistication never before seen.”
You have been warned.
