Data cited in a recent study found that 93 percent of data breaches are down to the actions of employees, who, in the vast majority of cases, have absolutely no malicious intent. But with data breaches costing businesses so dear, those are innocent mistakes you cannot afford to make.
This is our guide to the leading cybersecurity threats your business faces in 2019…
1. The insider threat
By far and away the greatest threat to your business comes from your own employees. Malicious links that are distributed via email and are innocently clicked on by employees are the single biggest threat you face. Poorly guarded usernames and passwords, inconsistent adherence to IT policies, the use of personal devices for work purposes and malware that’s distributed via social media accounts are just a few of the ways an employee-aided attack can take place.
Although it’s responsible for a far smaller number of attacks, businesses also face a risk from the malicious insider. Whether it’s an employee who no longer works for the company but still has access to business IT systems, or those who want to profit from the use of privileged account credentials, insiders have the potential to cause a tremendous amount of damage and unfortunately, that will continue in 2019.
There’s certainly nothing new about ransomware, but it still ranks right at the top of the cybersecurity threats businesses of every size face in 2019. A Verizon Data Breach Report published last year found that ransomware was still the most common form of malicious software, accounting for 39 percent of all corporate attacks where malware was identified.
A ransomware attack involves hackers getting encryption malware on a business’s network, usually by way of phishing emails that contain bogus links. Once it’s on the network, the malware encrypts files so they can no longer be accessed by the user. The attackers then offer to give the business the encryption key in return for a fee. However, as you might expect, paying the ‘ransom’ does not always lead to the ransomware being removed.
3. A lack of cybersecurity skills
Undoubtedly one of the biggest threats today’s businesses face is the dearth of professionals with the cutting-edge skills required to defend businesses from attacks. As we enter 2019, research shows that the skills gap is getting worse, and in fact, more than half of organisations report a ‘problematic shortage’ of cybersecurity skills which is continuing to increase.
The CEO of www.lynxpro.com, a firm that sources cybersecurity professionals for UK businesses, said: “The UK is currently suffering from a brain drain when it comes to cybersecurity skills, and that could worsen if Brexit causes cybersecurity experts from the EU to seek opportunities elsewhere. That said, one positive is that more women are now entering the industry than we have seen previously, and we’re hoping that will start to close the cybersecurity skills gap.”
One of the most recent cybersecurity threats businesses face is the rise in cryptojacking. Although it’s still relatively rare, it is predicted to be one of the fastest growing threats in 2019. Hackers use cryptojacking malware to hijack enterprise computer equipment for the purpose of mining cryptocurrencies.
It used to be the case that cryptojackers tended to target small consumer devices, but now they’ve switched their attention to much more powerful enterprise networks. If an attack is successful, the potential damage can be huge, crashing applications and even damaging business hardware.
Your first line of defence
Companies need to continue to add cybersecurity skills to their team. However, the first line of defence that many businesses overlook is employee education. Making sure employees understand how common cyberattacks take place and the damaging impact they can have on the business is essential. After all, it only takes one employee to click on a malicious link to do irreparable damage to your business’s brand, its reputation and your bottom line.