Cyber Security Awareness Month
October was Cybersecurity Awareness Month. Out of curiosity, I looked online to see what sort of information was available on the topic. I wasn’t surprised by the results; there were thousands of links, including newspaper articles, infographics, and general awareness notices, with sources that included the U.S. Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), major news publications, expert blogs, and notices from scientific and educational institutions. The overwhelming majority of these links contained meaningful, useful, and valuable recommendations for both businesses and individuals on how to avoid becoming victims of cyber attacks.
With so much quality information readily available, why then are so many companies, large and small, still regularly caught in the agonizing maelstrom of a cyber breach? The answer is straightforward; businesses aren’t keeping up in terms of understanding the threats that they face, or investing in the technology necessary to mitigate those threats, as we learned from our recent study, conducted jointly with Network World in July and August of 2015.
Web Security Challenges
In this study (more in the study report and on page 4 of our Cyber Threat Report), we sought to understand the challenges associated with delivering web security, as well as to gauge receptivity to cloud-based web security solutions. Most participants worked for companies ranging in size from 1,000 to 5,000 employees and held functional-level, non-CIO or -CTO titles. The responses weren’t entirely surprising; while the vast majority of respondents considered their firms to be mid- to high-level risk targets, many indicated that they lacked resources to implement new security solutions, had difficulty assessing their organizations’ level of risk, or had no clear or uniform strategy for incidents. And, almost half said the increasing proliferation of mobile devices (laptops, tablets, and smartphones) created complexity and difficulty in managing web security.
Experian Campaign: Data from 15 Million T-Mobile Customers Stolen
This lack of understanding and investment was displayed again recently, as we learned that over 15 million T-Mobile customers lost social security numbers, birthdates, and home addresses in an attack on the servers of the credit-reporting agency Experian. The stolen information is already for sale on the dark web. Worst still, security bloggers are hinting that employees and contractors had voiced their fears to leadership on the possibility of an attack, yet their concerns were ignored.
When reading about the lack of understanding among security professionals or the latest major corporate cyber breach, it is easy to become jaded on the topic of cyber security awareness. We tend to ask ourselves, “How is it possible, with the information and technology currently available, that many businesses still lag behind when it comes to upgrading and investing in trustworthy cyber security solutions?”
It is for just this reason that more than ever businesses and cyber security professionals need to embrace awareness. They need to arm themselves with the facts about the available technology and the true costs and implications of a cyber breach. Business leadership needs to listen to all levels of security staff, from management to engineers and analysts. And most importantly, cyber security professionals need to realize that cyber security technology is changing rapidly. Deciding to take a “wait and see” approach to a new cyber security solution likely means that you will experience a significant breach sooner rather than later.
With the ability to analyze 17 billion internet transactions daily from more than 600 million users in almost 200 countries, (more than any other cyber security organization), CYREN is committed to empowering the cyber security community with awareness and the best, most technically advanced solutions available today.