Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

2017 Brings DLP Technology and IoT's Weaknesses to Light

DZone's Guide to

2017 Brings DLP Technology and IoT's Weaknesses to Light

As more sophisticated attacks will take place without regard to size or industry, we need to be aware so we can take action.

· Security Zone ·
Free Resource

Mobile is increasingly becoming a part of every consumers’ identity, but the increasing use of this digital channel is escalating the security risks faced by consumers and institutions.

Dr. Jo Webber, CEO of Spirion has seen many companies in the last five years rushing to implement data loss prevention (DLP) solutions without taking the time to first identify the data that should not transit egress points. Most of these rushed implementations have not been successful. Security analysts, in particular, 451 Research, have been recommending companies first identify and classify data before deploying DLP. Unfortunately, we are just now seeing companies execute this approach. Companies in 2017 that identity and classify data before they begin implementing DLP solutions will see a dramatic increase in the effectiveness of their data protection programs.

In 2017, attacks that seek to access a company’s sensitive data will increase. Some of the attacks will be conducted by activists looking to damage their targets’ integrity and reputation – similar to the intent behind the Sony breach. Other attacks will be for financial gain, predominantly tied to ransomware. Hiding behind the anonymity of bitcoin and other cryptocurrencies, ransomware continues to be a crime where the culprits can remain anonymous and difficult or even impossible to capture. Cybercriminals will continue to upload stolen data publicly to make investigations and containment trickier.

The likelihood of a data breach is higher than ever and organizations must get serious about the sensitive data sprawl that is occurring across their networks. In the case of the Sony breach, one of the biggest and most newsworthy breaches since 2014, the majority of the damage was done from sensitive data that was stored unprotected on their network. Companies need to develop enterprise-wide data security programs to address vulnerabilities.

Data sprawl continues to be a major threat to enterprises and governments alike. In the majority of recent attacks – the Home Depot breach, the SWIFT network breach, the DNC breach – the common denominator is the unaccounted-for sensitive data. Unknown or misplaced sensitive data that is stolen is the most valuable to the cyber thieves and the most devastating to companies. Enterprises and government organizations must take action to ensure they eliminate sensitive data sprawl across their organizations. This is the very first and most critical step in protecting themselves, their employees and their customers from the major risk of a data breach.

We also see Internet of Things (IoT) devices as a weak link in the security chain. The vast majority of IoT device manufacturers are not able to address security threats, as we saw in the DDoS Dyn attack. Early IoT security failures will push the industry toward authentication standards but these standards will not be implemented before 2017 comes to a close. Operational technology needs to be aggressive with their cybersecurity approach – by hiring experts and assigning the businesses responsibility of cybersecurity to individuals.

Explore the authentication advancements that are designed to secure accounts and payments—without overburdening consumers with a friction-laden experience.

Topics:
data loss prevention ,dlp ,iot ,ddos ,ransomware ,cryptocurrency

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}