Cybersecurity is of the utmost importance for both the individual and companies. More and more, we realize that cyberattacks are an imminent threat.
The smarter companies in the marketplace understand that in today’s data-driven world, there are serious threats that must be addressed head-on. These companies often make strategic decisions about how to safeguard their business. So then why is there such an increase in the cost of data breaches among companies?
According to the study, slow response time and lack of planning was the biggest factor associated with the cost of data breaches.
“Awareness and education are the most important ways to stay vigilant. It’s not hard to make the right decision if you understand the risks. Most users we speak with want more information about how to better protect themselves and their company,” says Jonathan Dale, Product Marketing Manager for MaaS360, IBM Security. “A classic example here is the common knowledge of not clicking on a link unless you know and trust the sender. With the increasing sophistication of phishing attacks, this is becoming more and more difficult.”
A company that does encounter a data breach should act accordingly. Here are some things they should do, according to IBM:
- Work with IT or outside security experts to quickly identify the source of the breach and stop any more data leakage
- Disclose the breach to the appropriate government/regulatory officials, meeting specific deadlines to avoid potential fines
- Communicate the breach with customers, partners and stakeholders
- Set up any necessary hotline support and credit monitoring services for affected customers
Mobile security threats
When we think of mobility, we think of the ever-growing need for on-the-go convenience. As a society, our desire for convenience has grown has also left us susceptible to attack.
“Users now expect complete and untethered access to resources regardless of device, form factor or location,” says Dale. “This drives users to make risky decisions and open the door for threats and attacks.”
Examples of these risky behaviors include connecting to unknown public Wi-Fi networks without a company VPN or uploading documents into non-approved file sharing platforms.
At IBM Security, teams work diligently to come up with new and more effective ways to counter cyber threats and attacks. For example, earlier in the year IBM announced Watson for Cyber Security, a cloud-based version of the company's cognitive technology that’s trained on the language of security. IBM will join up with eight universities this fall to expand the collection of security data that it has trained the cognitive system with. According to IBM, training Watson for Cyber Security is crucial to the advancement of cognitive security. Watson is now learning different distinctions and varieties of security research findings and discovering patterns and evidence of hidden cyberattacks and threats that could potentially be missed.
Watson for Cyber Security is designed to provide insight into emerging threats, as well as recommendations on how to stop them. This is intended to increase the speed and capabilities of security professionals. IBM will also incorporate other Watson capabilities including the system’s data mining techniques for outlier detection, graphical presentation tools and techniques for finding connections between related data points in different documents. According to IBM, Watson will be able to find data on an emerging form of malware in an online security bulletin and data from a security analyst's blog on an emerging remediation strategy.
“Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we’d still have a skills crisis in security,” says Marc van Zadelhoff, General Manager, IBM Security. “The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime. By leveraging Watson’s ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations, and knowledge to security professionals, bringing greater speed and precision to the most advanced cybersecurity analysts, and providing novice analysts with on-the-job training."
On a more personal level, IBM Security offers mobile solutions for companies and individuals such as MaaS360 for the security of smartphones, tablets, and laptops. According to Dale, this enterprise mobility management solution helps IT enable users to be productive while, providing the capabilities to secure the device, apps, and content. MaaS360 also provides protection from advanced threats like malware.
And as threats continue to increase and change their shape, the company will also need to continue to evolve.
“It is no longer good enough to just rely on stand-alone enterprise mobility management (EMM) functionality. IBM is integrating EMM functionality with Identity and Access Management for more seamless and secure authorization, integrating with threat protection to detect and remediate the growing threat of malware, and integrating with security information and event management systems for greater security intelligence,” says Dale.
For individuals, it’s important to remember that there are certain steps that can be taken independently of any company solutions. This includes never installing apps from unauthorized third-party app stores-- instead only download and install apps from authorized app stores like Apple, Google, or Microsoft. And also, always use a VPN to protect sensitive information and don’t connect to unknown public Wi-Fi networks.
“From an IT standpoint, mobile security is all about protecting sensitive corporate and customer information," says Dale. "The threat of data loss keeps everyone awake at night. From a user perspective, privacy is top of mind."
For even more information, view IBM’s 2016 Cyber Security Intelligence infographic and download the report.