Today, AT&T blocks three-quarters of the email traffic passing through our network due to suspicious content. This is a substantial amount of what could be potential threats to businesses of all sizes every hour of every day.
This equates to more than 400 million spam messages detected by AT&T on its network every day. This volume shows the increasing need for up-to-date cybersecurity protections for every business. Even more so with the rapid growth of new technologies.
While new technologies create many benefits for businesses, they also increase the amount of vulnerable data. Each connected device is a potential entry point for an attacker after company data.
In fact, in the first half of 2016, we saw a 400% increase in attackers searching for weaknesses in Internet of Things (IoT) devices. These attacks can have harsh consequences for companies that fail to protect themselves.
And yet, half of all companies we surveyed in our latest report, “The CEO’s Guide to Data Security,” may not be effectively protecting themselves. These companies reported they have not changed their cybersecurity defenses in more than 3 years.
Three years may seem like a relatively short time span. But every time an organization updates its IT system or begins using new technology, they’re leaving new security gaps to exploit.
Businesses must treat cybercriminals like burglars. Attackers are just waiting for a cracked door or open window so they can take your most valuable assets. Locks and alarms will help deter these criminals.
The good news is that cybersecurity innovations have led to solutions that will help protect businesses amidst the ever-changing landscape. Businesses should consider the following steps as part of their defense strategy.
Identity & access management
Large amounts of data exist outside the company firewall – on mobile phones, laptops, social media forums or websites. Businesses need help to protect data in this environment.
The latest technology often has the ability to help restrict device use to only approved users. At AT&T, we have also implemented a ‘software-defined’ perimeter that helps control access to mobile data. Generally, this shows which devices are talking to and interacting with the network. This information helps trigger notification of unusual behavior.
Threat analytics
It’s becoming increasingly difficult to detect threats. Cybercriminals are always coming up with new ways to breach data systems.
Threat analytics help identify potential threats – as well as aiding in determining whether a threat is real or not. When the alarm rings, you might compare different data sets to determine what is a threat – and what is a false positive. Companies rely on them to start automated responses. With thousands of daily security checks, automating parts of the the system is key to keep threats at bay.
Virtualized security
In the past few years, we’ve moved from hardware to software-based IT systems. Software is more flexible and lets data run in multiple locations at the same time.
Some of these applications run on premise, others in the cloud. Virtualization means keeping regular security controls and policies across many environments.
In order to keep data integrity inside and outside of your organization, virtualization is a vital tool.
Incident response
When things go wrong, it’s essential you already have a breach response plan. Successful firefighting begins well before a fire starts; it enables teams to know the ‘drill’ and act instinctively. The same applies if a company suffers a data breach.
In case of a security incident, every business should develop a cross business unit team. This group can help manage the efforts to respond.
It’s crucial to test the response plan before it’s necessary to use it. The fire alarm test may be irritating when it goes off, but you will be grateful for those trial runs in a time of crisis.
An incident response plan can make or break your business; it could save you tens or even hundreds of millions of pounds.
Digitizing your business can create huge opportunities for innovation – and new openings for cyberattacks. The trick is to exploit the opportunities and close the loopholes.
The cybersecurity threat is growing bigger by the day, but so too is our knowledge. Together, we can work to help defeat it.
