In-depth

Top 10 threats facing the enterprise - Part Two

Here's the second part of our look into the most serious threats facing organisations today.

In part one of our countdown of the top 10 enterprise security threats, we looked at some serious dangers, like targeted attacks and super sophisticated malware.

In part two, our security industry experts cover everything from insider threats to supply chain insecurity.

6. The Insider Threat

In a recent survey by Cyber Ark, it was found that some 44 per cent of IT staff admitted to accessing data not directly related to their role, and another 31 per cent confessed to using admin passwords in order to gain access to confidential or sensitive data.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

If that were not worrying enough for the average enterprise, it gets worse when you take into account that such insiders are often the very people most familiar with and therefore best placed to exploit network security controls.

"Associated with this insider threat is the need for organisations to implement comprehensive activity monitoring," advised Cyber Ark's Mark Fullbrook.

"Go beyond access control and privileges enforcement, and actually record and track the precise actions that were performed on which assets and by whom," Fullbrook suggested.

"Do that, and the enterprise should be able to integrate operational data and security analysis, providing a complete overview of their systems. Overall, if businesses are to mitigate the insider threat, they must look to invest in appropriate technology that ensures information is stored securely." Businesses also need systems that log and monitor all privileged identities and activities, Fullbrook concluded.

7. Mobile Device Security

The consumerisation of the smartphone and tablet computer is a real enterprise security hot potato at the moment, and for good reason.

Advertisement - Article continues below

Actually, a couple of very good reasons, as Dimitri Sirota from Layer 7 Technologies explains: "More individuals store personal information on their devices that could be stolen, and this risk will only compound as mobile devices become more popular payment technologies. Secondly mobile devices could bring Trojan horses into the enterprise as compromised apps provide a backdoor into enterprise systems."

The consumerisation of the smartphone and tablet computer is a real enterprise security hot potato at the moment, and for good reason.

There are as many different approaches to mobile device security as there are MPs at a free lunch, but the most effective include locking down access to the device, isolating different apps using a virtualisation layer and implementing SSH clients for secure tunnelling into the enterprise.

However, as Sirotafrom warned, much still depends on the OS vendors and the application approval process. The industry remains in its embryonic days.

Advertisement
Advertisement - Article continues below

8. Log Analysis (what log analysis?)

If your business is subject to Payment Card Industry Data Security Standard (PCIDSS) compliance, then you should already be aware of the requirement to monitor your logs.

Advertisement - Article continues below

Thing is, as Ron Gula from Tenable Network Security reminds us, this monitoring requirement is at an organisational level and there remain plenty of logs that are either missed or not even contemplated.

This lack of comprehensive log analysis remains a huge missed opportunity to close down attacks, and as such has a deserved place in our top ten list.

Think about it for a moment, both Anonymous and LulzSec have exploited some very well-known security holes yet hardly anyone at the organisations targeted by them even noticed.

"Organisations should unify their log analysis program with their vulnerability and configuration motioning programs to ensure that systems are configured to collect and send logs centrally for analysis," Gula recommended.

"In addition, any type of passive network traffic analysis should be used to compensate for the lack of system logs".

Featured Resources

2,000 days: the CIO's world in 2025

What the role of the CIO will look like in five years time

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

The IT roadmap from modernisation to innovation with consistent hybrid cloud

A guide to a modern, cloud-enabled IT infrastructure

Download now
Advertisement

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020