Just asWannaCry andNotPetya were the top IT security challenges of 2017, the discovery of the Meltdown and Spectre microprocessor vulnerabilities , and several similar vulnerabilities in the months that followed, were probably the single most challenging developments for enterprise IT security teams in 2018.
As enterprise teams raced to patch their systems, they faced patches that are incompatible, leading to crashes, reduced performance and lock-ups. And months after the bugs were disclosed, security experts are still divided over their significance, with some saying they opened up a dangerous new avenue of attacks, while others believe Meltdown and Spectre are not nearly as threatening as other recent bugs.
Otherwise, IT security news was dominated by the growing number of potential cyber threats to the enterprise and the resultant challenges facing IT security teams. A common theme throughout was that any organisation that has any online presence should consider itself a potential target for cyber attack, regardless of its size and industry sector, underlining the importance of IT security for the vast majority of organisations and businesses.
The top challenges for IT security teams highlighted during 2018 include ransomware, illicit cryptocurrency mining, fileless malware, cross-operating system attacks, hardware vulnerabilities including Spectre and Meltdown and vulnerabilities in internet-connected devices making up the internet of things (IoT), as well as other emerging technologies enabling digital transformation such as machine learning and artificial intelligence (AI).
But a recurrent theme in 2018, as in previous years, was that many organisations are still failing to get the basics right when it comes to cyber security . This was shown to be true with report after report linking cyber breaches to basic security failings or oversights. Allied to this, industry experts throughout the year pointed to the fact that organisations are failing to learn the lessons from past attacks to identify weaknesses and improve cyber defences.
One of the key goals for IT security teams identified through the year is to have visibility of where data lives and moves, and who has access to it, as well as ensuring that their organisations are cyber resilient, in the sense that they are able to recover normal business operations after any information security incident.
Other industry reports underlined the importance of cyber resilience as well as adopting a more proactive approach to security, with a growing number of information security suppliers providing the opportunity for IT security teams to switch to an intelligence-led approach to capitalise on the insights gained from all the security-related systems deployed throughout the enterprise.
Artificial intelligence in the context of cyber security has received a lot of attention in the past year, and while there are clear cases where AI technologies can help organisations to improve their cyber security capabilities, security experts have consistently warned that AI is not the answer to all information security threats , with some urging businesses not to put too much faith in using AI, but to focus instead on educating users on cyber hygiene and managing risks.
While AI was among the most discussed technologies in relation to cyber security, thezero trust model was among the most discussed approaches to security as an alternative to the traditional approach to address many of the new and emerging challenges. Supporters of the zero trust approach claim it is finally gaining traction because of the development of enabling technologies and the business benefits that appeal to business leaders. However, experts say IT security teams should be wary of marketing hype and focus instead on security architecture best practices to realise the benefits of the zero trust model.1. Meltdown and Spectre a big deal for enterprises
Once the microprocessor exploits dubbed Meltdown and Spectre were made public in January 2018, security experts warned that malicious actors would be quick to incorporate them into their cyber attack arsenals, and advised IT security teams there was no time for enterprises to delay taking action. However, when patches were made available, IT security teams faced several challenges , with some patches proving to be problematic, leading to crashes, reduced performance and lock-ups.
Months later, however, security experts are divided over the significance of Meltdown and Spectre , with some arguing that laws opened up a dangerous new avenue of attacks, while other say the flaws were over-hyped, noting that there is no evidence that the flaws have been exploited successfully in the wild.2. Cyber security vulnerability concerns skyrocket
In July, we reported that IT security professionals were more worried about data breaches and cyber attacks than they were in 2017, with most fearing that Meltdown-Spectre attacks were becoming the norm.
The top concerns among IT security professionals, a report revealed, were system compromises and ransomware, closely followed by distributed denial of service (DDoS) attacks, financial theft and attacks on intellectual property. The report underlined the importance of IT security teams getting to grips with all the potential threats against their organisations and taking steps to mitigate the impact on the business of the top threats.3. Europol cyber crime report highlights emerging threats to enterprise security
The top cyber threats facing IT security teams, according to Europol, include ransomware, mobile malware, illicit cryptomining and exploitation of vulnerabilities in internet-connected devices (IoT).IT security teams need to assess their vulnerability to these threats and take action to mitigate against them. The number of internet-accessible industrial control systems is increasing every year, researchers warned, hi