Intelligent CIO North America Issue 15 - Page 54

FEATURE : CYBERSECURITY

IT ’ S EVEN MORE COMMON FOR A WELL- MEANING EMPLOYEE TO INADVERTENTLY OPEN THE DOOR TO HACKERS .

with the increased effectiveness of phishing attacks targeting news-obsessed users , a change in tactics may also have played a role . While earlier attacks generally focused on the traditional encryptionpayment-decryption ransomware model , hackers are now seeking to increase their returns through data exfiltration , stealing data and offering it for sale on the black market .
Taking data protection inside the perimeter with Zero Trust
In the era of public cloud , mobility and work-fromhome , the notion of perimeter security has quickly become outdated .
It ’ s not just that the attack surface has changed ; organizations have also gained a new understanding of the identity of the potential attacker , including trusted insiders who don ’ t even realize that they ’ re abetting a crime .
It ’ s common to think of an internal threat actor as a disgruntled employee or spy undermining cybersecurity with ill intent , but it ’ s even more common for a well-meaning employee to inadvertently open the door to hackers through poor password hygiene , nonsecure practices or the everpopular phishing lure .
For ransomware victims such as government agencies , corporations , healthcare systems and universities , the growth in data exfiltration can compound the already considerable damage of a ransomware attack beyond the ransom itself , potentially including violations of customer privacy , the loss of corporate data and massive regulatory files . Add to this hidden costs such as system downtime , reduced efficiency , incidence response costs and brand and reputation damage – bringing total global costs to more than US $ 1 trillion each year .
While awareness and education can help lessen the risk of successful phishing and ransomware attacks , a single moment of inattention and carelessness can be enough to devastate the business .
It ’ s safer to assume that anyone , even a trusted user with a heart of gold , can pose a security risk and design your cyberdefense strategy accordingly . Hence the rise of Zero Trust – the notion that we shouldn ’ t trust anything or anyone , inside or outside the network , with access to our computer systems .
54 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com