Cyber Security Trends For 2020

We sat down with our Cyber Security expert Umesh for a talk about Cyber Security Trends For 2020.
As many have moved their offices to the living rooms, we see a rise in smart devices in households.
A whole new set of risks have emerged and therefore businesses needs to prepare and adapt the proper protection measures.
Have a look here on what Umesh had to say about the newest threats within cyber, and what businesses needs to be specifically aware of at the moment.

What do you see as the biggest threat for businesses regarding cyber security at the moment?

“I believe the biggest one, or the big few of them, at the moment are social hacking which we see on e.g. Facebook where people impersonate accounts or groups. 
Another threat we have seen at the moment is ransomware- where data is money at the end of the day. Ultimately if the right data is taken, it can be worth quite a bit of money to the employers- and hackers are very aware of that.
From a machine point of view we see a lot of equipment that are outdated, or not patched correctly. Essentially if your machine or its software haven’t been updated for a while, it becomes a big vulnerability.”

What do businesses need to focus on and be specifically aware of with cyber security for 2020?

“The priority at the moment is the malicious links we get in phishing emails. I see so many every day, and they often look like they are coming from your colleagues with a link, or even from suppliers sending an invoice. They do look extremely genuine and therefore comes out as one of the biggest threats. 
Companies should therefore have a policy regarding passwords and how employees should manage these. 
Finally there should be a minimum length, and a complexity required – most important, they need to be updated on a monthly basis.”

What are some of the common cyber attacks we usually see?

“Other than phishing emails, it also happens to a lot of hosted systems. It’s DDoS (Denial-of-Service) attacks and that basically means that your network gets flooded with loads of packets of information – to the point where your external gateways cannot cope with it. Consequently it becomes vulnerable. 
Ultimately your network can crash, and in that way create a way for the hackers to enter your network.
So what you can do, is to put a defence line on your network, which becomes a part of your firewalls and then works as an extra line of defence.
It will stop certain sessions coming into your machine and destroy the threat before it can enter your network.”

Have you noticed any emerging cyber security ’trends’ for 2020?

“Because a lot of people are now using Cloud services – instead of on-premise – you are probably going to see hackers explore Cloud services more. Hackers get in via code injection, which they then can add or extract anything from. 
This is when Penetration testing becomes so important because it basically explores and finds all security threats on your website.
By doing so you can alter and fix the security holes before any hackers find them.
Cloud is still a lot safer than the traditional on-premise services, because your patches always can be up to date. However, it has opened up for a whole new set of security risks which comes from being online. Ultimately this is where it becomes important that your cyber security is up to date.”

What can businesses do to protect their assets ?

One of the biggest and best things are employee training. Employees must be taught to spot a security threat and how to act on it. 
The rule will always be: If you doubt it- don’t click it
Additionally, employees need training in what to do if they actually do click on a link. That they need to get their devices of the network before the whole business can become infiltrated. Most of these attacks happens by accident, when an employee clicks on a malicious link. That’s why the training becomes vital and they need to know how to act when the incident happen.
It only takes one machine to get infected, and then you have to start all over again. Do’s and don’ts for employees can save a lot of time and security threats.

How does the attacks usually happen?

“Most times it does come through the employees accounts. Therefore the best practise is being proactive, installing a decent antivirus software and a monitoring system. The system constantly scans the traffic, and when finding something suspicious it will put it into quarantine. Basically, you get notified before it even hits your inbox and in that way, you can prevent a lot of damage done. Stop it there and then. 
Hackers are clever and keep finding new ways so cyber security should be of highest priority and constantly needs to be updated. “

Want to share it with your friends?