Cyberattacks can disrupt operations, cause financial damage, compromise data integrity and harm the brand. They can also lead to extortion attempts, legal implications and the loss of personal data like family photos. From self-driving cars to medical equipment, the world relies on advanced technology that needs to be protected from cyberattacks. That includes protecting endpoint devices like laptops and smartphones; networks; and the cloud. Technology can help protect these entities with tools like next-generation firewalls, DNS filtering, malware protection and antivirus software.
However, people remain the weakest link in cybersecurity chains. According to IBM, human error causes 95% of breaches. Companies spend so much time and money securing their technology that they overlook the importance of providing training and education to employees on cybersecurity best practices.
New types of threats continue to emerge. For example, the Internet of Things (IoT) encompasses a multitude of devices that are connected to the internet but lack robust security features. They are vulnerable to attacks such as brute force that tries every combination of usernames and passwords until it gets in or cross-site scripting that injects malicious code into web pages viewed by users. Another threat is supply chain attacks that exploit non-secure network protocols and coding techniques, to infect applications with malware through source code, build processes and software update mechanisms.
In addition, attackers continue to target organizations through social engineering schemes. For instance, business email compromise (BEC) scams are a widespread and sophisticated attack that targets executives or other personnel with access to company finances or data. Tailgating is another way attackers can gain unauthorized access to networks by following an authorized user into the building and then quickly slipping in behind them. Network segmentation and detection and response systems can help protect against these attacks by limiting the amount of control attackers have and keeping the affected system isolated.