by Richard Archdeacon, Strategy & Technology
Welcome to part 2 of this two-part blog post series providing a short guide to the most important threats, risks and challenges to business currently facing the enterprise CISO. In the first post I discussed Advanced Persistent Threats, Cyber Warfare Attacks, Hacktivism, Cloud and Consumerisation & Mobile Working. Here are numbers 6 to 10 in the list.
6 Social Networking
The rise of Facebook, Twitter and other social networks is the social and technical phenomenon of the last five years. Deeply ingrained, they pose security and logistical headaches for security people. Data can leak, they hog bandwidth, and brands can be damaged via careless postings.
Why is compliance a threat? Because the penalties for failing to comply with new laws and data directives are getting harsher. Disclosure laws in the US mean that any business that loses customer data must make it public - with resultant brand damage. In the UK the Information Commissioner's Office is able to order organisations to pay up to £500,000 as a penalty for serious breaches of the Data Protection Act.
8 Software vulnerabilities
As more applications are developed in-house, software vulnerabilities are an increasing risk as they are tracked and used by hackers as a back door into the corporate network.
The greatest risk to a business is assuming that because it hasn’t been attacked, everything is locked down. That’s when it gets attacked. Constant vulnerability scanning and risk assessment are the only ways to avoid complacency and maintain security readiness.
It is estimated that many security managers are struggling to manage IT security kit from an average of 40 vendors. This creates huge problems in terms of patch management, SLA management and vulnerability management. The solution is regular and deep audits and IT hygiene programmes.
If you're facing any of these risks, threats and challenges, feel free to share your story below or contact us here and one of our specialists will be in touch to help.