Visibility Key to Thwarting Changing Threat Profile
Visibility Key to Thwarting Changing Threat Profile

Right now, we are on the cusp of major change – the expansion of mobile device options, BYOD, the cloud, and the decentralization of IT. Many of these changes are only in their infancy in terms of their current impact on the corporation. In four years time, the technologies we use and the threats they present will be entirely different.

The McAfee Labs 2017 Threats Predictions report explores what the expected top threats for 2017 and also looks forward to how the threat landscape could change in subsequent years. Reflecting the opinions of 31 Intel Security though leaders, the report identifies 14 threat trends to watch, the 6 most difficult-to-solve challenges in cybersecurity, and the need to change the “rules of the game” between attackers and defenders.

Some of the 2017 predictions include:

  • Ransomware attacks will decrease in both volume and effectiveness
  • Mobile attacks will combine mobile device locks with credential theft, allowing thieves to access bank accounts and credit cards
  • IoT malware will continue to grow, opening back doors into homes and offices
  • Social engineering attacks will become more sophisticated thanks to machine learning
  • Hardware attacks will increase

According to the report, trust in the cloud has increased in the past 3 years, leading more and more sensitive data being moved to the cloud. The presences of data in the cloud will make the cloud a primary target for attackers. Comparing Q2 2016 to Q2 2015, there was a 129% increase in total DDoS attacks on the cloud. It’s important that organizations realize moving data to the cloud does not offload corporate responsibility for data security.

The McAfee report also addresses the  growth in the IoT market, expected to grow from 15B devices in 2015 to 200B devices by 2020, and the corresponding growth in IoT threats. Unfortunately, given that most IoT devices have limited security or update capability, or are insecure by default (such as using unencrypted network services), these threats cannot be mitigated following standard data protection practices.

“To overcome the designs of our adversaries, we need to go beyond understanding the threat landscape to changing the defender-attacker dynamics in six key areas: information asymmetry, making attacks more expensive, improving visibility, better identifying exploitation of legitimacy, improving protection for decentralized data, and detecting and protecting in agentless environments.”

As the report indicates, organizations that want to respond to these threats need to improve their visibility.

“Too often, organizations learn how well their assets are protected after they suffer a breach. Shadow IT, clouds of all types, and the bring-your-own-device movement further obscure visibility into the effectiveness of security operations… Almost no company will claim that they have a solid grasp of information asset locations and controls. So we need to help organizations improve their security visibility.”

Tools that help improve visibility can help organizations “more effectively quantify their risk profile, identify critical gaps, and appropriately focus resources.” Translating that visibility into action is also key.

Providing visibility into your entire endpoint security stack is what we offer in Absolute DDS. With Absolute DDS, you can easily determine the status of complementary security applications such as SCCM, encryption, and anti-malware applications, in addition to monitoring the endpoint itself. Monitoring for suspicious user or device activity (such as attempts to change the firmware, devices moving out of a geographic region, unusual user behaviour, the presence of sensitive data on the device or in the cloud) and the persistent ability to remediate those threats, including automatic zero-touch reinstallation of key security applications, can help keep data out of the hands of cybercriminals. Learn more at Absolute.com