Security is foremost on the minds of anyone who is involved in the world of connected devices, M2M, or the IoT (Internet of things) these days and with good reason. Data breaches and cyber threats are plaguing just about every industry. For instance, Heartbleed is definitely something that is significant and requires quick action for numerous organizations, especially if your firm is running a vulnerable version of OpenSSL. Without question, every company needs to be prepared for these types of unannounced vulnerabilities as they pop up. It’s no secret Heartbleed found its way into Web servers, but it also created havoc on routers, networking equipment, and a host of enterprise technology.
Heartbleed really opened all of our eyes to just how vulnerable enterprise systems and gadgets can be to cyber attacks. With that said, it’s almost impossible to keep up with cyber trends because as these cyber attacks increase we are seeing bad guys show off the real innovative art behind these designer breaches versus the real science of the crime.
So, the real question is how do you keep up with all the cybercrime? As I see it, it’s virtually impossible.
In talking with Bryan Sartin, director, of Verizon’s RISK team, I wasn’t surprised to hear him acknowledge the cybersecurity landscape is just getting trickier and trickier. From his perspective cybercrime is growing and so are the vulnerabilities for each and every enterprise. Sartin is a huge proponent of companies establishing sound strategic security initiatives that can limit the effects of something like a Heartbleed. His comments stem from Verizon’s security report, which it released today. The report’s goal is to help enterprises assess what they are doing right now in the area of information security.
The seventh annual Verizon 2014 Data Breach Investigations Report, states more than 1,300 confirmed data breaches and 63,000 reported security incidents throughout a 10-year range of study.
In looking at the report it highlights nine threat patterns Verizon says are responsible for a good portion (almost 92%) of the security incidents analyzed. These threat patterns include miscellaneous errors, which can be as simple as sending an email to the wrong person; “crimeware,” which the carrier defines as malware aimed at gaining control of systems; insider misuse; physical theft and loss; Web app attacks; POS (point-of-sale) intrusions; and payment card skimmers; among others.
So if the report’s ultimate message is clear—no organization is immune from a data breach—then, as an M2M industry, we need to find better ways to help enterprise companies. If the potential of more devices and gadgets being compromised increases as more apps continue to communicate with each other, the greater the risk of cybercrime, unless the M2M/IoT industry takes the necessary precautions to minimize attacks.
There is good news in all this. The M2M industry is proof positive that when data is put in the hands of the right decisionmakers it can change the fate of a business. The data-breach report does a nice job of showing that information. Now it’s up to enterprises to put the right safety measures in place to least minimize the impact of a data breach.
In a world where cybercrime is sometimes nothing more than just sport to the bad guys, you really need to be more vigilant than ever if you really want to protect your assets.
Want to tweet about this article? Use hashtags #Verizon #security #cybercrime #M2M #IoT #Heartbleed