When I was a teenager, I collected broken electronics and repaired them in my free time. I greatly enjoyed making broken electronics work again. However, as I performed research on how to fix new broken electronics I found, I became fascinated at how quickly technology was changing. While I still fix up broken electronics here and there in my free time, I enjoy learning about the latest technological advancements even more. It seems like there is always a new "gadget" on the market that helps solve a problem that many people have. I recently decided to create a blog to share my technology knowledge, tips, and research on, so come back often if you enjoy technology as much as I do!
For most organizations, cyber security issues are ever-present. This can breed complacency, especially if you feel like your team is blocking and tackling problems at all the right spots. The cyber security landscape never stops evolving, and you must keep ahead of emerging trends such as these four issues.
Attacks Against Lesser Devices
Historically, most hostile actors have targeted servers and desktops. Mobile devices have also become part of the attack surface. However, the rise of IoT devices, networked and managed systems, and the cloud has made lesser and smaller targets more appealing.
For example, a company might have a networked lighting system for the sake of improved automation and energy efficiency. Oftentimes, these systems communicate wirelessly using conventions like Bluetooth or Wi-Fi. Hackers may target these systems for drive-by attacks because the components are often unpatched. Once they peel open the security on the small device, they can then piggyback into the network.
Social Engineering
The social space has always been part of the cyber security environment. However, messaging and social apps continue to expand the attack surface significantly. Organizations often let workers bring their own devices to the job. Likewise, even if a company does issue devices for work purposes, users often install personal apps on them.
In both cases, this overlap between personal and professional social media spaces creates opportunities for bad actors. Someone trying to penetrate a network might gather the contact list for a business and then send texts or private messages to all the firm's employees, for example. An unaware employee will then accidentally click a link in the text message that triggers a payload. Particularly if the employee is currently on the corporate network or accessing its cloud, this can give viruses, worms, and other malware tools an open attack lane.
Data Privacy
Governments increasingly are imposing regulations on the privacy and use of users' data. This is great for the public, and companies should be glad to see the emphasis. However, it makes every breach more than a problem for the customer and the business. Now the company may face significant regulatory and compliance problems or even fines.
Multi-Factor Authentication
The difficulty of modern cyber security challenges has driven many firms to adopt multi-factor authentication systems. By requiring additional authentication, MFA reduces the odds a bad actor can steal one credential and do harm. However, it also leads to implementation and corporate cultural challenges. Organizations need to see MFA as a broad and long-running commitment to protecting their interests and those of their clients and customers.
Share17 February 2022
