December 08, 2010, 10:02 PM — In the 1995 film "Hackers" the lead character downloads sensitive information to a floppy disk. Today, of course, advances in technology have yielded equally advanced security threats. Consider news reports in the past year about computers compromised by botnets. Businesses face daily threats from these and other cybersecurity dangers that are further enhanced by increased reliance on new business communications and computing tools.
While most business owners understand e-mail is key to the success of their business, their networks are more vulnerable than ever to the proliferation of increasingly sophisticated e-mail viruses and spam. According to Gartner, 90% of all viruses and worms enter organizations via e-mail. Most of these threats stem from external sources, but IT professionals should not overlook the threats insiders pose - either intentional or accidental.
Large organizations possess the resources to proactively assess and avoid many threats, but countless small- and midsized businesses (SMB) are finding it increasingly difficult to protect their information assets. Unfortunately, conventional firewall/antivirus solutions are no longer sufficient to protect against all the threats. Effective security solutions must continually evolve to incorporate advanced technologies and security-conscious business practices. So what can be done to tighten the security around your business?
While few brand new threats have surfaced recently, the number of cybersecurity attacks has increased. The threats grow more sophisticated and more difficult to battle each year. With the rise of social media, mobile workforces and Web applications, companies are not only being attacked more frequently and efficiently, but from a variety of different vectors.
As a result, patches and downloads are unable to keep up with cyber criminal activities, and some of the most current threats have penetrated even well-defended networks as quickly as within two hours of the first attack.
Many targeted e-mail attacks, often referred to as "spear phishing," exploit end-user vulnerabilities in commonly used programs. This is the primary, early infection method used to compromise computers with Internet access. Attackers also exploit these end-user vulnerabilities when users visit infected Web sites.