2009 is expected to continue the 2008 trend of increasing size, scope, and concentration of security attacks on computer networks nationwide. The volume of attacks from international sources will continue to increase, as will the sophistication of application-level attacks such as SQL injection, buffer overflow, and cross-site scripting (XSS). These will be directed towards high-traffic websites (news sites or social networking sites) that, when compromised, will install malware on large numbers of users' systems. Bandwidth consumption will percolate higher in the list of IT challenges for organizations of all sizes as more and more users download HD video and graphics-rich content. The top nine threats and their corresponding solutions/New Year’s Resolutions are listed below in descending order of severity. Each threat is ranked by status as a Rising, Steady or Weakening Threat.
“For the past several years I have listed what I believe are the top threats but this year the list is different,” said Kevin Prince, Chief Architect, Perimeter eSecurity. “This is largely due to the current economic, political and legislative environment in the US as well as the type and volume of information that is now available on the Internet. It doesn’t have to be all doom and gloom, however. By identifying these threats we can limit our exposure to them. As always, with data security, it isn’t so much about having more as it is about having the right stuff.”
Top 9 IT Security Threats and Solutions:
Threat #1 Malicious Insiders (Rising Threat): Employees with malicious intent have always been the biggest threat to their organizations.
• Resolution: Conduct Employee Security Awareness Training: Raising the awareness level of employees through mandatory, monthly online courses is a terrific way to remind them that security is everyone’s responsibility. Choose a training program that offers up-to-date courses, ensures users understand policies and procedures, and provides reporting to management.
Threat #2 Malware (Steady Threat): Malicious software can include viruses, worms, Trojan horse programs, etc., but most importantly websites that host malware, which have become the most prolific distribution method.
• Resolution: URL Filtering, Patch Management and Other Protections. Proactively manage the sites where employees are allowed to surf by limiting them to safe, approved sites from reputable web publishers. Employ Patch Management and system AV & spyware protection to combat the malware threat.
Threat #3 Exploited Vulnerabilities (Weakening Threat): Hackers find a weakness in a commonly used system or software product and exploit it for their gain.
• Resolution: Implement Comprehensive Patch Management: Often some of the most sensitive data are on non-Microsoft systems such as Linux, UNIX or Macintosh. Invest in a patch management solution offering full visibility into your network and covering all operating systems and vendors, not just Microsoft. Consider host-based intrusion prevention (HIPS) which can monitor your system looking for anomalous behavior, applications attempting to be installed, user escalation, and other non-standard events.
Threat #4 Social Engineering (Rising Threat): With hacking you are compromising a computer, but with social engineering you compromise a human by tricking him/her into supplying personal information and passwords. Any method of communication will be used to perpetrate this fraud including telephones, mobile phones, text messaging, instant messaging, impersonation of support/vendor staff and social networking sites.
• Resolution: Social Engineering Testing: In addition to employee training (see above) to raise awareness, you can hire a firm to come in and test your employees for their resilience to social engineering. A 3rd party can use mock scenarios to assess your vulnerability to a real attack.
Threat #5 Careless Employees (Rising Threat): Mistakes made by careless or untrained employees can lead to a significant security compromise. A poor economic climate puts strain on employees, causing them to cut corners or important duties. It can also lead to less formal employee training.
• Resolution: See Employee Training above
Threat #6 Reduced Budgets (Rising Threat): A weak economy leads companies to tighten their budgets, which results in less headcount and less money for upgrades and new systems.
• Resolution: Consider Opting for a Software-as-a-Service (SaaS) Solution to Cut Costs. A company that has traditionally kept its security management and monitoring in-house may use this as an opportunity to look at the cost benefits of outsourcing it to a leading security firm. Choose a provider that offers a broad range of services, is financially viable, and is audited by multiple independent 3rd parties.
Threat #7 Remote Workers & Road Warriors (Steady Threat): Telecommuting and mobile workers are on the upswing.
• Resolution: Use The Same Systems For Telecommuters As For On-Site Employees. Don’t forget to install security on your remote VPNs. Make sure that remote users use company-issued systems with updated security patches and web content filtering. Provide easily accessible on-call tech support so that employees don’t resort to fixing things themselves and possibly disabling necessary security measures. Isolate work computers at home from the kids, who can download threats along with their games.
Threat #8 Unstable 3rd Party Providers (Rising Threat): While there is an increase in IT security expenses required to keep up with the growing threatscape and regulatory environment, there is a decrease in revenues in the market. This may lead many providers to go out of business or cut corners that could lead to a security compromise.
• Resolution: Consider Streamlining Your 3rd Party Providers. Ensure that you are using providers that have been in business for a long time, have seen hard times before and have been regulatory focused for years. Ask for audited financials and ensure your provider is profitable. Choose a firm that can offer you multiple solutions via one integrated portal to gain the benefits of economies of scale and reduce the burden on existing IT staff resources.
Threat #9 Downloaded Software Including Open Source and P2P files (Steady Threat): IT administrators may download and install open source software or freeware in an attempt to save money, which can lead to a huge waste of time in software configuration and fine-tuning, or to a data breach.
• Resolution: Limit Download and System Update Administration to a Trained IT Professional. Don’t allow users to download and install software on their desktops. Regularly update system AV & Spyware Protection. Consider host-based intrusion prevention (HIPS), which can monitor your system looking for anomalous behavior, applications attempting to be installed, user escalation, and other non-standard events, but make sure that only IT managers have access to this.