////////////////// ROMAN CUPKA,
PRINCIPAL
CONSULTANT
AT FLOWMON
NETWORKS
2
017 was a busy year in the realms of
cybersecurity. Ransomware spread
like wildfire. The cyber underworld
exploited security holes in operating systems
resulting from code leaked from government
secret services, as well as thousands of
documents pilfered from the CIA about their
cyber intelligence operations and hacking
tools. Hackers interfered with election
campaigns and they also continued their
tradition of keeping a number of websites
and services under fire with DDoS attacks.
What do these events mean for every day
operations of security managers in 2018?
Prepare your infrastructure for
another round of DDoS attacks
For any application-driven organisation,
DDoS attacks still represent cyber threat
number one. Various statistics and
information from monitoring devices show
an annual increase in double-digit rates in
the growth of attacks, but what is worse
is that today, these type of attacks in
comparison with 2015 are on average up
to four times greater. New types of botnet
have also arrived on the scene to control
devices connected to the Internet of Things
(IoT), which consequently pave the way
for a DDoS attack. There are several DDoS
protection solutions – in cloud, in-line and
38
INTELLIGENTCIO
out of path – and organisations should
prepare themselves.
Strengthen your security architecture
with behaviour analytics
The coming year will see the number of
ransomware cases increase, especially
with using the popular cryptocurrency, as
increasingly sophisticated ransomware on the
dark web has become an extremely popular
and easily available moneymaking tool not
only for criminal groups, but also for some
state regimes. For example, a lifetime license
for the Halloween malware can be bought
for US$40. With the growth of sophisticated
ransomware, security tools based on
behaviour analytics have grown in significance
due to their ability to discover malicious code
bypassing firewalls and end-point security.
Think about insurance
against cyberattacks
If you want to buy insurance against
cyberattacks, which is much more likely
today than being involved in a transport
accident, in many countries you would look
in vain. In the USA in 2017, the insurance
market for cyberattacks was worth US$1.5–
3 billion and will grow to over US$20 billion
by 2025. Forward-looking companies are
now beginning to take cyber threats
seriously as a significant business
risk and not only as an IT problem.
In the northern countries of the
European Union and the USA,
cyberattack insurance is used by
one-third of companies. In 2018,
this type of insurance will appear in
other countries, so it is a good time
to assess its benefits.
A shortfall of IT
security experts
The new stricter legislation with
the threat of severe penalties,
cyberattacks more sophisticated
and more aggressive than ever
before, the acceleration of business
digitisation and the greater
damage to businesses with the
unavailability of their services have
all led to an increasing demand for
experts in IT security. According to
some estimates, there is a global
shortage of two million cybersecurity
professionals who should fulfil the
new roles in companies and public
administration resulting from the
more stringent legislation and
requirements for greater security of
digital technologies.
www.intelligentcio.com
EDITOR’S QUESTION