As part of our Security Sector Spotlight, PCR sat down with Catalin Cosoi, chief security strategist at Bitdefender, to find how the boom in IoT could lead to more security issues for consumers and businesses.
What have been the biggest security threats to businesses over the past year?
Cyber threats targeting businesses have not drastically changed in the past year. What has changed is the severity of the consequences, as more personal devices connect to enterprise networks.
Over the past year, cybercriminals have also taken advantage of exploits in widely used software to deploy malicious code and infiltrate company networks.
We have also witnessed an alarming number of rogue insiders or uninformed employees who fell victim to phishing attacks.
How about consumer threats?
Ransomware has made headlines this year, as more consumers were targeted through phishing and other social engineering schemes.
According to the FBI, the main ransomware threats (CryptoWall and other variants) inflict at least $1 million damage each month.
Other omnipresent dangers in the threat landscape include financial malware attacks targeting both desktop as well as Android and even iOS users.
How can we expect cyber threats to evolve over the next 12 months?
Threats are usually unpredictable, but we can expect more mobile malware to plague devices and to see an evolution in IoT attacks, such as smart automobile hacking.
All signs point to the vulnerabilities associated with the IoT movement to be on the rise.
Manufacturers produce thousands of these smart devices without thinking of the security implications beforehand.
What are Bitdefender’s top three security tips for businesses?
Three of the most important security measures a company is advised to take are:
1. Install, configure and maintain an advanced enterprise security solution.
2. Educate employees in good computer practices, in identifying social engineering attempts and spear-phishing emails.
3. Regularly backup data.
How are new products and trends affecting business and consumer security?
Current IoT security is still in its infancy, as a multitude of new products hits the market without being properly tested.
These systems are able to gather and share huge quantities of sensitive data, which raises serious concerns over data privacy. And, unfortunately, most of the time, IoT devices are not designed with cybersecurity in mind; the software they run has flaws in access control, device authentication, firewalling and the updating process. These could expose the user to data theft and other threats.
Throughout November, PCR is running a dedicated Sector Spotlight on Security – Click the logo below for more articles