WEATHERING THE CYBER STORM
By Sean Newman, Security Evangelist, Sourcefire now part of Cisco
With huge storms battering Britain in recent weeks, resulting in trains being cancelled and roads flooded, it is inevitable more people will have chosen to work from home. Gale force winds and torrential rain not only cause major disruption to the commuter, but potentially your company’s IT network by increasing the risk of a cyber attack.
The threat of intrusion cannot be underestimated, with hackers looking at every way possible to infiltrate your system including mobile devices such as laptops, tablets and smart phones. The huge shift to these devices, combined with bring your own device (BYOD), in the workplace is further aggravating the risk, with TechMarketView predicting 9.5 million employees in the UK alone are expected to adopt BYOD by 2016 – an 80 per cent rise on 2011. Additionally, US authorities reported last year that 79 per cent of mobile attacks in 2012 occurred on Google’s Android operating system, while the number of malicious Android apps topped one million in October.
A more recent study by Sourcefire shows many of us still click on web-links without checking if they are genuine, and it has been suggested that this is often wrongly perceived as just a PC problem rather than via mobile devices.
Of course, there are real benefits to BYOD and it would be incongruous and impractical to advocate a ban in the workplace, but organisations need to be prepared for a cyber attack. It is in the interests of any organisation to be vigilant with any attack impacting productivity due to slow connection speeds and performance, faster battery drainage and call drop-outs.
Businesses should consider how, not if, they will be attacked, by understanding how mobile devices are used and what data they are carrying and produce a BYOD policy to define proper usage. During any breach, it is important organisations can quickly identify infected devices and monitor the attack, and how it poses a risk to them and threatens their devices. Should a business be compromised, a retrospective analysis should be undertaken to ensure effective containment and remediation of the affected systems and measures taken to ensure better prevention in the future.
Just like the miserable, wet and windy February weather, if you go out without your coat, boots or umbrella you are going to get soaked and take much longer to dry out. By taking a few preventative steps you might still get a bit wet, but nothing that is going to leave you drowning in the flood.