Page 84 - Cyber Warnings
P. 84
exploit old vulnerabilities, which could be fixed with patches. In fact, the 2015 HP Cyber Risk
Report revealed that 44 percent of all breaches came from vulnerabilities that are between two
and four years old.
5. Unpatchable Software
Similarly, many enterprises do not have their finger on the pulse when it comes to unpatchable
software. As an example, Microsoft ended support for Windows Server 2003 and Windows XP
over a year ago, meaning there will be no further updates, even if security risks are found.
Despite this, Forrester estimate there are still more than 10 million active users.
6. Phishing Emails
Although most enterprises issue warnings, phishing emails remain a threat. It is believed that
156 million phishing emails are sent every day, with 16 million making it past spam filters. Of
these, 50 percent are opened and 10 percent of people who open a phishing email
subsequently click on a link, according to Cyveillance. That means that 80,000 people still fall
for phishing scams every single day and it could happen in your workplace.
7. Data Destruction
The destruction of sensitive data is essential for security purposes, yet it continues to represent
a key threat for large enterprises. In fact, a report from Blue Coat found that data destruction
was the second most serious 'shadow data' security threat around, accounting for 17 percent of
the total risk.
8. Employees With a Vendetta
It may seem like a strange idea, but your own staff are one of the biggest possible threats to
data security. Internal attacks from embittered staff or disgruntled former employees can do a lot
of damage, especially if the staff member has intimate knowledge of your network. For this
reason, privileged accounts should be restricted and should be terminated as soon as
somebody leaves the organisation.
9. Wearable Devices
The rise of wearable technology like smart watches has added to the number of devices that IT
departments need to be aware of. Most of these devices carry similar security risks to mobile
phones, but they are also more discreet. As a result, staff may be able to access them in places
where mobiles are restricted or banned.
10. A Lack of Planning
Finally, it can be argued that within big businesses, data breaches or security threats are
84 Cyber Warnings E-Magazine October 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
