Kiwi businesses will be forced to take a more proactive role to defend their systems this year, as new information security risks bubble to the top and cybercriminals refocus on business attacks.
That’s the word from Eset, with the security company’s Trends for 2015 whitepaper highlighting five main areas of concern: The evolution of advance persistent threats, point of sale malware, information leakage, vulnerabilities and the Internet of Things becoming the Internet of Threats.
Raphael Labaca Castro, Eset security researcher, says as organisations improve their digital connectivity, new avenues for cybercrime open.
“The trick is to make sure your defences are more impenetrable than your peers. By better understanding the threat landscape, you are much better prepared for the unwanted stuff lurking around the corner,” he says.
Lukas Raska, Eset APAC chief operating officer, says as a highly developed and wealthy nation, New Zealanders need to make sure they don’t take security for granted.
“In 2012, Kiwi’s lost over $4 million from phishing and scams. Many forms of cyber-attacks are becoming more sophisticated and harder to detect. This is why it’s vital to use a security suite that can not only detect and block complicated malware attacks, but can also protect against phishing attempts.”
Raska says cybercriminals and hackers are continually finding new strategies to deceive users or bypass protection mechanisms.
“Enterprise must remember the best protection against cyberattacks is by keeping your organisation’s digital processes and policies up to date. The rapidly changing landscape has shown us prevention is the best form of defence,” he says.
“Companies are protecting their information to try to protect business continuity, since corporate valuable information is one of the cybercriminals’ main targets,” the report says.
“The challenge for companies in 2015 lies in the way they will protect their data, their business, and in particular how they will manage to convince employees to become invested in their security programmes.
“In a world where we are increasingly connected and interconnected, where our online lives are inextricably bound to our physical lives, where the bring your own device policy has become commonplace in so many places, users will have to live with a profile for work, and for outside work.
“This user's double profile means that people can be users of different online services such as email accounts, social networks, cloud storage, and so on, and at the same time many of them develop professionally and have access to classified information. They may sometimes even be the ones responsible for protecting the data at companies, governments or other organisations,” Eset says.
“From what we have seen in the last few years regarding targeted attacks, information leakage cases and the evolution of cybercriminals to hijack users’ and companies’ data, we could certainly expect that 2015 will be a year full of challenges for IT security,” the report notes.
“The IT security teams of companies and governments will have to adopt a more proactive role in terms of defences, using different tools to foresee and forestall the possible attacks and rely on education as a means of defence.
“Beyond the probabilities of what can be predicted, it’s clear that businesses will continue to be one of the cybercriminals' main targets, but that is just one of the threats we will need to manage in 2015.”