Security experts often focus on the latest and greatest progressions of the threat landscape. They’re most interested in sharing how threat actors have become more sophisticated and how attack technology, malware, and techniques have evolved significantly. They warn that the latest attacks bypass or evade many of the industry’s original information security defenses.
Prediction video link: https://www.youtube.com/watch?v=PwBQbx6jRKs
While none of that is false, the truth is a huge majority of successful attacks—especially ones against smaller targets—still rely on the basics. Many successful cyber-attacks last year exploited software flaws that had been fixed for months, took advantage of bad or default passwords or bad password practices, or just tricked users into doing something basic that they shouldn’t do. Despite the fact that some threat actors really are using very sophisticated techniques, we predict the majority of small to-medium businesses (SMBs) will experience security breaches next year that will succeed due to a basic security best practice failure, such as not keeping your software up to date or not using very basic security controls like Gateway Antivirus (GAV) or Intrusion Prevention Services (IPS).
There is a silver-lining to this prediction, though. If you concentrate on following basic security best practices, your organization can avoid a majority of the attacks that will launch in 2016.
Visit our WatchGuard security predictions site
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply