Hewlett Packard Enterprise Identifies Top Risks for Businesses
Hewlett Packard Enterprise (HPE) recently published the HPE Cyber Risk Report 2016, identifying the top security threats plaguing enterprises over the past year.
As the traditional network perimeter disappears and attack surfaces grow, security professionals are challenged with protecting users, applications and data – without stifling innovation or delaying enterprise timelines. This year’s Cyber Risk Report examines the 2015 threat landscape in this context, providing actionable intelligence around key areas of risk including application vulnerabilities, security patching and the growing monetization of malware. The report also highlights important industry issues such as new security research regulations, the “collateral damage” from high profile data breaches, shifting political agendas, and the ongoing debate over privacy and security.
“In 2015, we saw attackers infiltrate networks at an alarming rate, leading to some of the largest data breaches to date, but now is not the time to take the foot off the gas and put the enterprise on lockdown,” said Jyoti Prakash, Country Director, India and SAARC countries, Enterprise Security Products, Hewlett Packard Enterprise. “We must learn from these incidents, understand and monitor the risk environment, and build security into the fabric of the organization to better mitigate known and unknown threats, which will enable companies to fearlessly innovate and accelerate business growth.”
Actionable Intelligence & Recommendations
· Apps are the New Battlefield: The network perimeter is vanishing; attackers have shifted focus to target applications directly. Security professionals must adjust their approach accordingly, defending not just the edge but the interactions between users, applications and data regardless of location or device.
· Patch or Perish: 2015 was a record year for the number of security vulnerabilities reported and patches issued, but patching does little good if end users don’t install them for fear of unintended consequences. Security teams must be more vigilant about applying patches at both the enterprise and individual user level. Software vendors must be more transparent about the implications of their patches so that end-users aren’t afraid to deploy them.
· Monetization of Malware: Ransomware attacks targeting the enterprise and individuals are on the rise, requiring both increased awareness and preparation on the part of security professionals to avoid the loss of sensitive data. The best protection against ransomware is a sound backup policy for all important files on the system.
· Prepare for Shifting Politics: Cross-border agreements pose challenges for enterprises struggling to keep their systems secure and in compliance. Organizations must follow the changing legislative activity closely and maintain a flexible security approach.