Not long ago, we were saying, “a criminal act doesn’t occur every day but can happen any time.”
This fact is outdated. These days, a criminal act occurs every second of the day and, unfortunately, this is the truth. All around the world, business profitability is affected by criminal activities. And we’re talking hear about everyone, companies, either big or small. Almost everyone involved has made it a priority to prevent these criminal acts.
Most of the time, the budget is the one it decides how much is invested and where it’s invested in the field of security, but this is where the errors show up in the first place. A large budget doesn’t necessary mean better and/or more efficient security. It does sometimes mean a more complex security but, not necessarily more efficient. Huge budgets are spent on the latest technology that proves itself, in many instances, completely useless.
I have a very simple explanation for this fact: the human factor and the decisions he takes.
I don’t want to be misunderstood. I support using the human factor in all cases where security is needed. I do not believe, or encourage the use of robots or AI to decide for humans. What I’m saying is, if we follow the procedures in place for the security of goods and the security of our lives, this is the best preventative instrument. There are many resources in support of a better security.
Security cameras have proven themselves to be very efficient in many situations and sometimes, discourage unauthorized access but all these generate hot debates against all what surveillance stands for. Many conspiracy theories come out of these debates, and some of them prove to be true.
In the case where the surveillance integrates with the control and access systems, the alarm systems and security procedures, the results turn up to be criminal free safety area?
After all, security prevention is marked by the saying “a criminal act does not occur every day but can happen any time.”
I don’t believe most damages occur through physical criminal acts such as theft or robberies. I am convinced that the greatest risk is represented by data and information theft. This is the new risk in security management.
There were 62% more breaches in 2013 than in 2012, and over 553 million identities stolen, up from 93 million in 2012, an increase of more than 594%.
Antivirus software catches just 45% of cyberattacks, as estimated by Symantec’s VP for Information Security Brian Dye. This is just one example of how ineffectual security tools are quickly becoming outdated and unprofitable in the rapidly changing IT landscape. Consumer-driven technology has changed the IT industry for good, introducing multiple unsecured and unstandardized personal devices into the workplace.
Enterprises now need to deal with the security risks those devices introduce into their environments, as well as find a way to centrally manage said devices in order to strengthen their security profiles. Two increasingly commonplace conditions in the workplace model require a solution that makes corporate networks and resources available whenever, wherever.
Employees often work odd hours, remotely, while traveling – often from untrusted access points (ie. public Wifi networks). Large enterprises are employing armies of vendors and subcontractors as outsourcing becomes more cost-effective. As a result, data and applications no longer exist only onpremises.
That also means cloud-based systems are most likely housing sensitive data, whether that’s proprietary business information, customer financial data, protected health information, etc.
Consequently, remote access to these systems via web-based logins is an easy and extremely valuable target for attackers targeting internal company networks. As described in the Cloud Security Alliance’s document, Top Threats to Cloud Computing,4 the threat of account or service hijacking ranks high for organizations that use cloud, or web-based applications. Account or service hijacking is not new. Attack methods such as phishing, fraud, and exploitation of software vulnerabilities still achieve results. Credentials and passwords are often reused, which amplifies the impact of such attacks.
In remediation, the Cloud Security Alliance recommends that organizations leverage effective two-factor authentication techniques where possible as well as prohibit the sharing of account credentials between users and service.
Source Duo Security