If you work in information security, you know that cyber threats and cybercriminals are nothing if not crafty. It only takes the slightest gap in a secure infrastructure for a threat to break through and compromise both your and your customers’ date. While 100% vendor monitoring might be a little bit out of the picture for your organization, it doesn’t mean that you still can’t take proactive steps to ramp up cybersecurity efforts.
Luckily, InfoSec as an industry has the ability to learn from its mistakes and gaps. While there will always be areas of improvement, looking back on the security threats of 2018 can teach us how to proactively bolster strategic initiatives now to ensure your data is safe and secure for years to come.
Here are some of the top areas of potential cybersecurity threats for 2019 to keep in mind:
The supply chain
One of the most famous cybersecurity breach of our modern age, the 2013 Target breach, was started through the company’s partnership with an HVAC vendor. This data breach ended up compromising more than 100,000 customer accounts and creating havoc for the Target brand: all because of a vendor. As larger organizations become more vulnerable and partner with smaller, more nimble teams, cyberthreats will see this as an opportunity to take advantage of the open door. To truly stay on top of potential cyber threats, your team should make sure to look all the way down the supply chain (even to customers and partners) because you never know who may be hiding the bug.
Organizations of all sizes
Just because the big-name breaches like those of Marriott and Cambridge Analytics ruled the headlines in 2018 doesn’t mean small and mid-size companies aren’t at risk. Cybercriminals aren’t picky about the companies they target and because of this, all corporate organizations should have a strong InfoSec strategy in place moving into 2019. Work directly with your vendors on completing security assessments to ensure there aren’t any glaring holes in your partnership. Additionally, look to a well-known vendor risk management questionnaire to identify any areas of opportunity in your current security strategy.
It’s hard to turn on the news today without hearing some snippet about ‘hacking’ or ‘emails’ or, worse yet, ‘Russia’. No matter what side of the aisle you identify with, there is one thing we can all agree on: cybersecurity is starting to play a huge role in the political agenda around the world. Between China, the United States, and Russia, there are three world superpowers ready and willing to lean into cyber political espionage at the drop of a hat.
While Facebook might have been one of the most popular security breaches in 2018, social media isn’t safe yet. Social media companies are constantly trying to roll out ‘the next big thing’ to users and, sometimes, this excitement gets in the way of an adequate QA process. In 2019, social media is still poised to be one of the most vulnerable areas for cyber threats mainly because there is so much grey area there. If your corporate team is leveraging social media to connect with customers and prospects, don’t just let marketing run with things. InfoSec teams should work with social media marketers to develop contingency plans in case something happens on a social site. Also, make sure all of your passwords are encrypted and monitored — just in case.
Luckily, with the right vendor security assessment vendor in place, your team can bypass all of the tedious corporate infrastructures and get down to doing what you do best: partner with amazing organizations to better serve your customers. You can learn more here.