'2017 was a great year... New variants of Ransomware evaded security controls and compromised thousands of devices, new vulnerabilities were exploited exposing millions of machines, high profile data breaches resulted in millions of pounds of losses… A job well done.'*
That is the truth of the matter if you are a threat actor looking to commit online cyber fraud. Criminals are now making more money than ever through illegal online activity, and as the opportunity grows more players are entering the game.
Cloud and IoT
The emergence of cloud platforms and the growth in connected IoT (Internet of Things) devices will only make control of systems and data harder, making the stakes even greater.
Imagine the scenario whereby a rogue group have hit London’s water infrastructure, cutting supply to millions of people; or the NHS being hit by a cyber attack that stops access to essential healthcare (OK, one of these has happened already) - the threat is real and is likely to happen soon.
The UK government has recognised the danger to organisations providing essential services, and as such is releasing new directives on how to mitigate such threats.
The new NIS Directive will mandate that security is designed with four key objectives in mind:
- Identifying Risk
- Protecting Against Cyber Attack
- Detecting Cyber Events
- Responding to Cyber Incidents
This directive will be released in Q2 2018, and large fines loom for companies that don’t meet the requirements. More information on the Press Release from the NCSC can be found here.
Oh, and if the thought of an attack by a rogue state has sent you scurrying under the desk, check out the Top Cyber Trends in 2017 courtesy of Check Point.
Our independent security review can also identify gaps and provide recommendations around areas in which your organisation may be vulnerable to threats. Download our Cyber Security Assessment below to find out more about how we can help:
- By Martin Collins (Head of Networking & Security)