Valentine’s Day is near. And while love is grand, the fact is that human nature can sometimes cause heartbreak. Research shows that one in five people are keeping a major secret — such as infidelity or money troubles — from their spouse. Deceit can be a deal breaker.
IT and security professionals know all too well the difficulties of dealing with a world of deception not only caused by cyber criminals and their increasingly sophisticated and determined tactics, but also by privileged insiders.
Courtesy of Blue Coat, here are six cyber secrets to be aware of that can set organizations up for betrayal and heartbreak.
Dangerous Cyber Secrets
Click through for six cyber secrets that can set organizations up for heartbreak and betrayal, as identified by Blue Coat.
Encrypted Malware Traffic
Sneaking in and out? Attackers stealthily use encryption to mask their behaviors. SSL/TLS encryption is widely used to secure communications to internal and external servers, but can blind security mechanisms by preventing inspection of network traffic, thereby increasing risk.
Who’s watching you? According to Blue Coat’s 2015 State of Mobile Malware Report, spyware was a top mobile malware type in 2015. With the insertion of spyware on mobile devices, attackers are able to secretly profile behavior and online habits. As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect.
Don’t leave your diary open! A password should be your protective secret, but instead is all too often a self-imposed risk. “The biggest password problem isn’t the use of weak passwords. It’s the REUSE of ANY password. We should be preaching against the sin of password reuse more than the sin of weak passwords,” says IT consultant Ken Harthun.
Shadow IT and Shadow Data
Keeping secrets spells trouble. Keeping cloud app usage a secret from IT can be devastating to the organization’s security posture. According to the recent Shadow Data Report from the Blue Coat Elastica Cloud Threat Labs, organizations are unaware that 26 percent of documents stored in cloud apps are broadly shared – meaning any employee can access them – and in some cases are discoverable in a Google search.
Where are you going? There are 10 top-level domains (TLDs) or neighborhoods on the Web that are most often associated with suspicious websites, according to recent Blue Coat research. An increase in shady TLDs gives the bad guys more opportunity to partake in malicious activity, while consumers and businesses are in the dark about which sites are the most suspicious and how to avoid them.
Third-Party Vendor Access
Who’s in your house? It’s critical that you know which third-party vendors — such as health insurance providers and HVAC suppliers — have access to your corporate networks. If you don’t, attackers are likely to find out first and use this indirect route to strike. And it doesn’t stop there. Bad guys have used devices like printers, thermostats, and vending machines to gain entry.
Clearly you can see from these six cyber secrets that the internal and external risks are significant to an organization’s IT security posture – and they’re mounting. What’s worse, betrayal – in the form of a data breach, for example – can include ruined reputations, revenue and customer loss, damaged intellectual property, litigation and the list goes on.
Communication is the key as it is in any healthy relationship. IT and security pros must clearly communicate these risks outside of the IT department in a way that resonates with upper management and achieves top-down buy-in for proper defenses against advanced threats — especially as data moves into the cloud and across other devices.