10 Critical Corporate Cyber Security Risks

10 Critical CorporateCyber Security RisksYOU SHOULD BE AWARE OF

JUNE 2015

10 Critical Corporate Cyber Security RisksA data driven list

The increasing costs of cyber attacks: Organizations have reported financial hits up to 93% more costly than 2013.

The increasing number of cyber incidents: The Compound Annual Growth Rate (CAGR) of cyber security incidents has increased by 48% since 2013!


Cyber security issues are not a top concern for companies (but should be)


Corporate cyber security risks can impact your company’s growth: 69% of CEOs in the US are worried about the impact of cyber threats to their growth prospects

*PwC’s Annual Global CEO Survey 2014



Finding this presentation useful?Why not share it with others?

10 corporate cyber security risks your company should prepare for:


Failure to cover cyber security basics


Cyber attacks target common vulnerabilities on employees’ computers in approximately 70% of cases!

1.

Most common types of cyber-attacks:Target vulnerabilities and exploits – 75,6%Try to deliver malware to the PC – 23,9%Fish for the user’s corporate information (e.g. authentication information) – 0,50%.



2.Not understanding what generates corporate cyber security risks

Technological risks:Malware / viruses / intrusionsCyber attacksService provider failurePhysical security (e.g. Loss/theft of equipment)Cloud apps or servicesData related vulnerabilitiesPhishing


Human risks:Human error/mistakes/omissionInsider sabotage/Theft /Vandalism Lack of skillsLack of knowledgeLack of guidanceLack of appropriate resourcesPartners Activist groups


Lack of a cyber-security policy “Just as companies seek outside expertise for legal and financial matters, they should now be looking for experts in cyber security and data privacy.”

* http://fortune.com/2015/02/17/how-corporate-america-can-fight-cybersecurity-threats/


3.

Confusing compliancewith cyber securitySometimes compliance is mistakenly regarded as a cyber security policy, but, ensuring compliance with company rules is not the equivalent of protecting the company against cyber attacks.


4.

The human factor - the weakest link -Motives and methods that can trigger an “inside job”* when it comes to cyber attacks: financial gain, curiosity, revenge, non-financial personal benefit, excitement.

*PwC US cybercrime: Rising risks, reduced readiness


5.

Bring your own device policy (BYOD) and the cloud93% of organizations surveyed allow personal devices for work, which brings an entire new set of cyber security risks.

*Protecting the organization against the unknown – A new generation of threats 2014


6.

Targeted attacks on critical company data and applications are common.24 % said misuse of mobile devices and operating system vulnerabilities are the root cause of security breaches.



Funding, talent and resources constraintsLack of planning, funding and specialists can lead to serious security breaches in your company’s system that could cost a lot more than you’d spend preventing them.


7.

Think of your cyber security policy like it is your company’s immune system.



8.No information security trainingOnly 50% of companies believe security training for both new and current employees is a priority*.


Lack of a recovery planThrough prevention, your company can detect cyber attacks in their early stages, and the threats can be isolated and managed more effectively.


9.

Does your company have a recovery plan in place?By having a recovery plan outlined and tested, your response time can be shorter and your system can be up and running normally in no time.

Helpful guide: 10 steps to critical steps to take after a data security breach.



Finding this presentation useful?Why not share it with your followers?

Constantly evolving risks Cyber threats are not only pervasive, but they’re also constantly transforming (polymorphic malware).


10.


Malware is evolving. Fast!Polymorphic malware is harmful, destructive or intrusive computer software such as a virus, worm, Trojan or spyware that constantly changes, making it difficult to detect with antivirus programs.

That’s why antivirus is not enough!

Your first line of defense must be ensured by a solution that can act proactively to:

IDENTIFY MALWAREBLOCK ACCESS TO HACKER CONTROLLED SERVERSSTOP DATA LEAKAGE KEEP YOUR SYSTEM PROTECTED BY PATCHING VULNERABILITIES.


Companies need a change in mindset“Criminals are all automated to the teeth and the only way for companies to counter that is to be automated to the teeth as well to find those vulnerabilities…the bad guys only have to find one hole. We have to find them all.”*

*CFO Signals – What North America’s top finance executives are thinking – and doing Q3 2014



Read the full article, with more statistics on cyber security threats affecting companies!

Go to the article now

https://heimdalsecurity.com/blog/10-critical-corporate-cyber-security-risks-a-data-driven-list/

Heimdal SecurityWe protect you from attacks that antivirus can't blockWebsite: https://heimdalsecurity.com/Blog: https://heimdalsecurity.com/blog/Twitter: https://twitter.com/HeimdalSecurityFacebook: https://www.facebook.com/HeimdalSec


Small Business & Entrepreneurship

10 Critical Corporate Cyber Security Risks