Contact Centre Summit | Forum Events Contact Centre Summit | Forum Events Contact Centre Summit | Forum Events Contact Centre Summit | Forum Events Contact Centre Summit | Forum Events

Posts Tagged :

cybersecurity

Cybersecurity trends to watch out for in 2023

 960 640 Guest Post
By:
0

Tyler Moffitt, Senior Security Analyst, OpenText Security Solutions, talks about the impact of geopolitical tensions and inflation on cybersecurity and 3 other key trends that will impact the cyber and tech landscape in the coming year…

  1. Small-Medium Sized Businesses (SMBs) will need to do more with less and cyber resiliency will be more important than ever.

“Cybercriminals will increase ransomware attacks on SMBs as prime targets in the wake of heightened geopolitical tensions, such as the War in Ukraine, and rising inflation in the UK and globally. This will force SMBs to do more with less, while already having smaller cybersecurity teams and budgets to defend against attacks, and it will make cyberresiliency more important than ever. Our recent SMB survey found that 46 percent of respondents felt more at risk of a ransomware attack due to heightened geopolitical tensions, and 53 percent were also concerned about their security budgets shrinking due to inflation.”

  1. Search engines will not only blur the lines between paid vs. organic search results, but also from what’s real and fake, increasing phishing attacks.

“Search engines like Google and Bing try to make it as easy as possible for consumers to find the information they request, but it will become increasingly difficult to distinguish between safe and malicious search results. As search engines work to provide a more streamlined experience, they unintentionally open consumers to a greater possibility of being phished. Scammers will purchase top ranking search result ads and use them to drive people to malicious and fraudulent websites to steal their personal and financial information.”

  1. As every home becomes a smart home and more personal data lives on the cloud, the attack surface will expand no matter how “secure” people feel.

“There’s a “Black Swan event” coming as consumers and businesses alike adopt new technologies to make their lives smarter and more convenient, in turn, sharing and storing more of their data in the cloud. Being connected to the internet 24/7 will make everyone who uses smart devices more vulnerable in the coming years. I believe a critical event this year, or merely increasing attacks, will signal a wake-up call to consumers and businesses to think more critically about how smart technology use hinders their security and privacy.”

  1. Cybercriminals will take advantage of consumers’ vulnerable footing to increase attacks as the economy suffers and inflation rises.

“No one is more opportunistic than cybercriminals. They are experts in understanding consumers’ greatest concerns and how to tap into these fears with phishing tactics to steal their money or personal information. Covid-19 was a prime example of leveraging fear into ROI and the more recent Ukraine war only adds fuel to the fire. I anticipate this attack approach will continue to rise as the UK experiences growing inflation, resulting stimulation checks, job losses and a potential recession for more fear tactics.”

UK businesses experience up to five security incidents each year

 960 640 Stuart O'Brien
By:
0

Attackers are seizing on vulnerabilities in hybrid working environments, creating more work – and also larger budgets – for security teams, despite organisations accelerating digital transformation projects.

The latest State of Security Report from Infblox, which surveyed 100 UK respondents in IT and cybersecurity roles in the UK as part of its global sample, discovered that the recent surge in remote work has changed the corporate landscape significantly.

In fact 64% of UK organisations have accelerated digital transformation projects in order to support remote workers since 2020. This is higher than the global (52%) average.  

  As part of this shift just under half (49%) of organisations have increased customer portal support for remote engagement and 43% have added resources to their networks and data basis. Given that over a third (34%) have close their physical offices for good, this investment may prove to be a strong strategic move.  

Cybersecurity still causing headaches   

An increased digital footprint inevitably brings increased digital risk and the reality of a hybrid workforce is causing headaches for IT teams and business leaders. The data reveals that the loss of direct security controls and network visibility has half (50%) of UK companies more concerned about data leakage than anything else. Almost as many (45%) are worried remote worker connections will come under attack.    

It appears that organisations have good reason to worry, given the report found that 61% experienced up to five security incidents in the last year. However, there is some good news: 66% report that these incidents did not result in a breach. This may be because 73% were able to detect and respond to a security incident within 24 hours.   

Of the 44% reporting a breach, insecure WiFi access (47%) was the biggest cause. The data also suggests that UK workers are continuing to fall for phishing scams. In fact 4 in 5 (82%) breaches reported in the last 12 months were caused by this attack method. Phishing usually signals the need for or failure of employee and customer security awareness training that require technological backstops  

Defense in depth   

Infoblox’s report discovered that the majority of organisations are investing heavily in security tools to protect their hybrid environments. In fact, 59% of respondents saw bigger budgets in 2021 and 64% anticipate an increase in 2022.   

Many are turning to defense-in-depth strategies, using everything from data encryption and network security to cloud access security brokers and threat intelligence services to defend their expanded attack surface. As part of this, almost half of organisations (47%) are relying on DNS (Domain Name System) to block back traffic.    

“The pandemic shutdowns over the past two years have reshaped how companies around the world operate,” said Anthony James, VP of Product Marketing at Infoblox. “Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organisations sent office workers to work from home. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices.”  

The full report is available for download here.  

Banking on security: Keeping customer data secure in financial services

 960 641 Guest Post
By:
0

Simon Hill, Legal & Compliance, Certes Networks

The protection of sensitive data in line with regulations, both for banks and other financial services organisations, is currently a big challenge.

The way these organisations operate has changed dramatically in recent years, due mostly to the fact that financial institutions are not only heavily regulated by data privacy requirements, but they are also under mounting pressure to be open to consumers and businesses about how they are protecting their data from potential breaches.

The increasing expectations of consumers means that banks and financial institutions are trying to achieve a balancing act: how can they protect data privacy, while at the same time remaining transparent about how data is being protected?

However, it doesn’t have to be a play-off between meeting these customer expectations and meeting cyber security and compliance requirements: banks and financial services organisations can utilise technology to the fullest extent while still protecting data. 

The balancing act 

To achieve this balance, banks and financial services organisations need to take control of their security posture and assume the entire network is vulnerable to the possibility of a cyber-attack. Robust encryption and controlled security policies should be a central part of an organisation’s cyber security strategy.

Through generating and defining policies, network policy enforcement allows organisations to ensure that only authorised applications and users are communicating with one another, while enabling them to meet their own governance, security and compliance requirements. 

Rather than waiting for a cyber-attack to happen, new technology tools are now available to gain a deeper understanding of policy deployment and analyse every application that tries to communicate across the network, all the while monitoring all traffic and limiting the pathways potential threats can travel. 

Conclusion 

Banks and financial services organisations should not have to worry about keeping data secure and protected. Adopting new ways of thinking about how these organisations can strengthen the protection of data requires well-defined policies, strict key assignments and authorisation of who sends and receives data.

But, most importantly, the ability to enforce policies to better monitor and observe applications and suspicious activity on the network will require sophisticated technology and tools that are currently available today.