A survey of 201 UK-based IT security professionals offers some shocking insight into the cybersecurity practices of their organizations. 67 percent of those surveyed stated that their companies were not up to snuff and 90 percent admitted to making compromises that could leave other areas exposed in the process of trying to protect their businesses.
If that's not alarming enough, more than half of all respondents said that they do this on a routine basis. Evidence suggests that by prioritizing more visible consumer services, these businesses leave exploitable areas exposed, particularly where internal systems and trading data are concerned.
Of course, this is nothing new. As far back as 2013, tech giants like Apple had their internal systems hacked. And last year, The Guardian reported that one of the world's four largest accountancy firms had become a target of sophisticated cybercriminals.
Even the UK Parliament was a recent victim of a cyber-attack with 90 Parliamentary email accounts compromised in a single weekend. Indeed, this is a conundrum that the country has been facing for some time. But what's disturbing is the sheer volume of businesses that aren't taking cybersecurity seriously.
An undue focus on e-banking and similar applications has come at the expense of 71 percent of other critical systems and VMWare's UK head of network and security says that financial services organizations are running “the constant risk of overstretching already antiquated security infrastructures.”
A fundamental part of the problem is lack of understanding; leadership teams in the cybersecurity field appear to be unaware of the potential for breaches, an alarming fact when one considers that that is their inherent responsibility.
Companies are in desperate need of an education in proper security measures and all financial firms should keep themselves abreast of the latest threat trends. According to a report from Osterman Research, more 20 percent of businesses among a pool of 1,000 surveyed experienced a ransomware attack in 2017.
Of those attacked, 15 percent suffered financial losses as a consequence of the attacks. Small businesses lose an average of $100,000+ per ransomware incident.
These attacks can affect big box stores, banks, airplanes, hospitals, and more. Nobody is safe from them unless they arm themselves with appropriate technology and familiarize themselves with proper protocol.
IT professionals operating in the United Kingdom would do well to explore the regulations recently implemented in the U.S. In August of 2017, New York State enacted the DFS Cybersecurity Regulation which calls for regular risk assessment reports and compliance in customer data privacy, disaster recovery planning and resources, asset inventory, data governance and classification, incident response, and systems and network monitoring.
The regulation requires covered entities to report incidents to the Department of Financial Services in a timely manner and restrict user access to sensitive company data.
By carefully selecting secure web hosting and utilizing VPNs (Virtual Private Networks) with military-grade encryption, IT professionals can improve cybersecurity practices and eliminate the likelihood of a malicious event.
For financial services organizations, converting company assets to cryptocurrencies like Ethereum (Ether) can also make a significant difference. Such privacy coins anonymize funds; their intelligible protocols fully encrypt user activity and their zero-knowledge proof of knowledge gives users the ability to share the volume of coins with parties of their choosing without additional information getting leaked.
There are other potential use cases for the blockchain technology on which these cryptocurrencies are based. For instance, if a financial institution wants to perform an internal audit or any kind of accounting, such tasks can be conducted on the blockchain. It's paperless, private, and free from the vulnerability that mars traditional systems.
Regardless of which of these technologies businesses decide to adopt, one thing is certain. Something's gotta give. As Richard Bennett, head of accelerate and advisory services at Vmware puts it, “This past era of compromise towards cybersecurity must end.”
Sam Bocetta is a defense contractor for the U.S. Navy, a defense analyst, and a freelance journalist. He specializes in finding radical — and often heretica l — solutions to "impossible" ballistics problems. Through Lakeview Capital, he also cultivates funding for projects — usually naval, defense, and UAV startups. He writes about naval engineering, mechanical engineering, electrical engineering, marine ops, program management, defense contracting, export control, international commerce, patents, InfoSec, cryptography, cyberwarfare, and cyberdefense. To read more of his reports — Click Here Now.
© 2022 Newsmax. All rights reserved.