Cybersecurity Trends Affecting Businesses in 2019
In my role as divisional vice president of Platforms and Applications at Verizon Partner Solutions, I work across several different technology areas including voice, connectivity, cloud computing and applications-as-a service. However, perhaps the biggest areas of focus for my team – and one that crosses all others - is security.
Today’s security landscape is challenging. It is becoming more and more difficult for organizations to control where data ends up, and who can access it. As business executives seek to use technology to power business innovation, it’s more vital than ever for them to safeguard their data, infrastructure - and ultimately, their reputation.
Verizon Partner Solutions’ end-to-end cyber detection and response tools help deliver visibility, actionable intelligence and adaptive response against potential threats. Our portfolio of services, which includes professional services, monitoring and analytics, and network and gateway security and response, can help protect businesses from threats.
Most importantly, thanks to Verizon’s long-standing security experience and expertise, we have vast knowledge of how threats are being adapted and transferred over the network. We’ve been collating and analyzing this data for years, working with partners across the globe, in our data breach investigations report, making it simple for corporate decision-makers to process and understand where the threats reside – and where their security investment dollars should be spent.
Cybersecurity Trends Affecting Businesses
As more enterprises go through the process of digital transformation—especially when digitizing proprietary information, processes, contacts and communications—it’s imperative that they take a critical look at their security to make sure they are protected against various cyber threats.
Security teams need to look at the business from a holistic viewpoint, identifying and evaluating all internal and external threats that could exist within a business infrastructure. As businesses digitize, having that holistic view becomes critical. They also need to be proactive. You can’t assume that the bad guy will telegraph an attack – proactively evaluating potential vulnerabilities on an ongoing basis is critical. This allows you to take steps to mitigate against potential threats before a cyberattack happens. And often, it’s about doing the simple things well – ensuring patches are applied and updates are made can play a crucial role in protecting an organization against ransomware, phishing, internal threats, network vulnerabilities and more.
Preventing a Cyberattack
More than 52% of breaches in the past year featured hacking, according to Verizon’s newly released 2019 Data Breach Investigations Report (DBIR)—a report that looks at cybersecurity incidents and breaches in different industries and breaks down threat levels and trends.
The report shows that a major threat to organizations, whether a corporation or government entity, is a denial of service attack, in which hackers pummel servers in an attempt to take the infrastructure down. Security teams can guard against non-malicious interruptions with continuous monitoring and capacity planning for traffic spikes.
The report also shows that some industries are particularly targeted, through methods such as ransomware or phishing, with the intent of taking intellectual property out of the business. Rather than take down an organization’s infrastructure, as with DDoS, methods like phishing, ransomware and malware seek to open vulnerabilities within access points in the network in order to remove company secrets, proprietary processes and more.
Verizon Risk Report
Verizon has extensive knowledge about the threats facing each and every industry, and offers a range of products and services that can help organizations better protect themselves. For example, the Verizon Risk Report (VRR) can help provide a 360 degree view of your IT security posture within your specific industry to help you determine where you can maximize your return on investment (when all three levels are engaged); and our Rapid Response Retainer can support you mid- or post-breach and help you recover more quickly.
The Verizon Risk Report is particularly targeted at companies that want to be able to measure the impact of their security investments. Too often, organizations spend millions of dollars on security solutions, without any quantifiable risk analysis that allows them to establish and manage a security benchmark. The VRR solves for this problem.
VRR scoring works on a traditional A through F letter grade scale. To score, we take the IP addresses associated with customer operations—be it a website, POS system, etc.—and conduct a thorough search on them for historical attacks and threats, including a search on the dark web to find chatter about the company’s security vulnerabilities.
Once the business receives their VRR score, we explain why they received their letter grade, and identify the specific areas they can improve to move their grade higher and ensure their data is being protected. We also provide senior intelligence and security analysts to look at which company data is truly worth making significant investments to protect, or if the capital would be better invested in other areas of security.
The Verizon Risk Report has three levels:
Level 1: This is an outside-in view in which we leverage our partners and background with the DBIR to conduct an audit of IP addresses and what your infrastructure looks like to a third-party or external threat. We identify potential methods of attack and vulnerabilities in the network, and provide the score mentioned above.
Level 2: This level looks at internal operations, specifically how employees are being exposed to threats, and what they are doing on a daily basis that might jeopardize infrastructure or integrity of data. We also provide recommendations on how security teams can invest or train employees to be better stewards of company information.
Level 3: The most comprehensive level, this is where a Verizon team comes into your business to conduct a true culture and process review of IT, infrastructure, and technology stack and how employees interact with potential threats. We sit down with you to identify current policies in place and evaluate how to best train employees to be more vigilant when threats come across their inbox.
Level 3 includes up to 100 hours of professional services that allow our staff to work side by side with your team to help employ solutions, fix issues that have been identified in previous levels and give the guidance necessary to solve problems that you might not have been able to fix yourself.
Cybersecurity is more important than ever for companies. The most important defense is knowledge, perspective, insight and understanding of the threats your organization faces, in order to take the crucial steps to mitigate them.
Learn how Verizon Partner Solutions can keep your business secure and protected from threats.