Cybersecurity Trends of 2018
With 2017 in the rearview mirror, organizations are focusing on developing their technology and cybersecurity plans for 2018. Many organizations are looking for guidance on what products they should be considering, or how to meet the latest compliance requirements. We are seeing several trends that companies should be focused on this year.
Many companies are focused on meeting new and developing compliance requirements, such as the New York Department of Financial Services’ (NYDFS) cybersecurity regulation NYCRR 500 and the General Data Protection Regulation (GDPR). The standards set forth by the NYDFS outline the minimum processes, procedures and controls that need to be in place within an organization licensed in the state of New York to protect against data loss. NYDFS requires that organizations develop, maintain, and monitor a holistic cybersecurity program that is overseen by the senior leadership and officers of the company, with the first certification deadline on February 15, 2018.
GDPR is much more robust, and impacts any organization that retains information from residents of the European Union. The goal of this legislation is to create a framework of controls that an organization must implement and establishes a 72-hour disclosure requirement in the event an individual’s information has been compromised. While this is a European Law, companies in the United States retaining the personal information of EU citizens are impacted. The penalty for non-compliance is 2% of annual revenue up to 10 million euros. If you feel surprised by these details, you’re not alone; realistically, many organizations are just starting to understand that they are impacted by these requirements, which go into effect May 25, 2018.
Unfortunately, with the cybersecurity talent shortage, organizations are finding it difficult to recruit qualified security professionals to aid in meeting these requirements. Many are engaging outside firms or professionals for cybersecurity services, naming these individuals as their Chief Information Security Officer (CISO) to satisfy compliance requirements.
Even if you’re not subject to NYDFS or GDPR, many organizations are looking at a “pay now or pay later” decision as it relates to cybersecurity and compliance. One of the best ways to limit this exposure is to build out functional roadmaps to meet the demands of applicable compliance requirements. Developing a holistic strategy not only enables you to control costs, but it also limits your risk exposure to cybersecurity incidents.
Email, Fraud and Ransomware
Regardless of your organization’s size, technology, or location, chances are you know of someone who has been impacted by phishing, wire transfer fraud or ransomware. Going into 2018, we see a number of companies looking to improve their email security, cybersecurity monitoring with a focus on mobility, and endpoint protection.
With regards to email, companies should be adopting a comprehensive email hygiene solution that not only includes SPAM filtering, but also aids in e-discovery, advanced threat detection and anti-malware. Organizations should also make sure that their email and DNS platforms have configured Domain-based Message Authentication, Reporting and Conformance (DMARC). This protocol is used to defend your brand and customers against email spoofing attacks, which can be very damaging to a company’s reputation. The US Federal Government has also made the implementation of DMARC a requirement for all agencies and organizations that it operates.
In 2017, we continued to see a rise in attackers sending malicious spear phishing emails to defraud companies and customers. Given the success of these kinds of attacks, we expect to see a continued rise in 2018 of attackers utilizing technology to trick employees and customers into granting them access to sensitive information and/or directly wiring them funds.
Monitoring and Insight
Given the variety of attacks that organizations are being subjected to, along with compliance requirements for good monitoring and audit trails, demand is high for comprehensive monitoring and analytics solutions that enable customers to understand how their data is being utilized and that provide automated threat intelligence and improved protection. Earlier technologies, such as Security Incident and Event Management (SIEM), provided a platform for correlating and collecting logs and information from multiple sources within an environment. Intrusion Prevention Systems (IPS) were also utilized to provide automation around preventing active exploitation by an attacker within a company’s environment. However, the primary challenge associated with both of these technologies is the need for ongoing care and feeding. Organizations must tune SIEM and IPS solutions to understand normal operation within their environment, typically requiring significant human capital to maintain and realize continued value.
The next wave will be “managed” solutions that enable companies to implement a solution and simply outsource the human capital element to sort through false positives and do simple remediation. Such technologies include Amazon Guard Duty, which monitors threats and indicators of compromise and, through the use of machine learning, automates alerting and response to threats. The adoption of Endpoint Detection and Response (EDR) solutions on endpoints will not only displace traditional Anti-Virus solutions, but will also enable organizations to gain better insight into the activities occurring on their devices and to simplify the remediation process.
Overall, cybersecurity in 2018 will be focused on reducing liability through adherence to compliance, reduction of fraud, and increased efficiencies through better intelligence and threat management. These concepts build on the general premise of a multilayered cybersecurity strategy that aims to reduce the risk exposure of an organization, and of utmost importance, its customers.
About the author:
JT Gaietto is Executive Director, Cybersecurity Services for Richey May & Co, LLP. He focuses on providing clients with critical security and regulatory compliance support, including incident response, third-party risk management, business continuity and customer and government due diligence oversight. He can be reached at firstname.lastname@example.org.
Loan Vision User Conference 2018
Loan Vision User Conference 2018 in Nashville, TN
Tips and Tricks Series: Mapping Import - Deposit Lines
Join us for a webinar on Mapping Import - Purchase Lines
Tips and Tricks Series: Creating Conditions
Join us for a webinar on Creating Conditions
With Loan Vision, growth has been facilitated through allowing the business to run reports and extract key data quickly and efficiently"Oystein Konsmo, Chief Financial Officer, NOVA® Homes Loans
Moving to the latest version of Loan Vision will allow us to automate more and get more information to the decision makers in the branches without them having to reach out to the head officeOystein Konsmo, Chief Financial Officer, NOVA® Homes Loans