Three Barriers to Better Internet Security
Threats from enterprising hackers, cyber criminals and other online ne’er-do-wells have never been more ubiquitous. Yet our ability to combat those intruders remains hampered for a variety of reasons. For example, you would think businesses generally are better than the average consumer at forecasting and managing around the possibility of an attack. After all, organizations that make millions or even billions of dollars annually, and that persistently face the threat of digital assault, seem to be best positioned to be proactive.
Yet the 2016-17 Global Information Security Survey from EY, a global professional services group, suggests even companies struggle to keep up. Just 22% of executives, for example, report having “fully considered the information security implications of their organization’s current strategy and plans.” Meanwhile, only a slightly higher number — 24% — have an incident response plan that would enable them to come back from malware or employee misbehavior online.
Meanwhile, consumers clearly recognize the threat but have little in the way of resources to navigate the complex world of virtual security. A 2016 report by insurance business the Travelers Companies found that Americans rank cyber risks as the No. 2 threat to themselves and their families over the next five years, second only to global and political conflict, a category that includes terrorism and social unrest.
Reasons We Fail To Do More About Online Safety
Why are so many of us ill-equipped to manage rapidly changing internet threats? Several reasons come to mind, among them:
1.The transition from devices to the cloud. Some of today’s leading anti-virus technology companies began with a goal of helping consumers and companies prevent harm done to individual PCs and files. That’s a noble goal and an important mission, yet some of those businesses are attempting to convince consumers their software features protection that creates a secure environment for internet searches, file sharing and other cloud-based activities, which often is inaccurate. Hackers can make small changes to their malware so anti-virus software can’t recognize its signature. Anti-virus software is good for stopping familiar malware threats, but it might not do a great job protecting you from new ransomware or ransomware that has been disguised. By contrast, the best way to protect yourself online when utilizing cloud-based software is to access the cloud via a private, encrypted connection. Companies that would like to transition to the cloud but might be hesitant to do so because of security concerns can consider paying for a data backup service while they develop trust in the cloud. Other barriers you might face on the road to cloud adoption include getting executive staff to buy in, assessing the costs and benefits of moving IT operations to the cloud, and reallocating resources once you are fully migrated to the cloud.
2.Muddling of terminology. My company specializes in VPN, or virtual private network technology. Yet the term is often used too liberally. In some cases, technology companies that have built products using our software take claims too far. To be a true VPN, your security provider must not simply give you access to the public internet. Instead, your provider must create a legitimate private network that is secure and enables remote access to digital information. Another commonly misunderstood term is cyberthreat, which many people think equates to viruses or malware. This is a dangerous misconception, because cyberthreats are really any vulnerability or risk to your data, which extends to hackers, weak security systems and insider threats.
3.The evolution of threats. Whether you are an individual consumer or a business, trying to keep up with the barrage of attacks that occur daily around the world is like a game of cat and mouse. Malware and other types of computer viruses have become more complex and are designed to do major damage. For instance, a creative Canadian teenager used a malicious distributed-denial-of-service (DDoS) attack to target major websites such as Yahoo, Amazon, eBay and CNN with severe consequences. More recently, we’ve seen these attacks against Russian banks, the 2016 Summer Olympics in Rio de Janeiro and the election campaign websites of Donald Trump and Hillary Clinton. Businesses should pre-plan and take certain precautions against DDoS, such as using an outsource provider that can reroute traffic and scrub the majority of it before it even hits their networks. The security community needs better collaboration with product manufacturers to address vulnerabilities. Cyber protection isn’t just a single purchased solution: Instead, it is a combination of proactive choices. Consumers should set strong passwords, update apps from reliable sources, have good anti-virus protection and know which emails and files are suspicious (and get rid of them).