Corporations suffered more cyber attacks in 2014 than ever before, causing the loss of business intelligence and personally identifiable information at an alarming rate. As a result, confidentiality issues and privacy concerns have fueled discussions in the media and become top of mind among corporate executives.
Then, at the end of the year the conversation changed. A major attack aimed at corporate destruction served as a sobering wake-up call. It’s not only the frequency of cybercrime that is escalating – it’s the severity of damage.
Adversaries that commit cyber crime for personal and financial gain could soon be the least of our worries. The world has now seen an activation of foes that are likely well-funded by nation states or driven deep ideological motivations — taking innovation and persistence to new levels.
This evolution in the threat landscape sparked rare warnings from the FBI and Europol in late 2014 urging organizations to prepare for new types of campaigns aimed at destruction. Seems that our adversaries have upped the ante, and we are now facing sophisticated attackers determined to delete data, tamper with control systems and even cause physical harm.
How do corporations mitigate these devastating risks? Are there any precedents for these types of attacks? How can we adapt our cyber security thinking and tactics?
In this month’s Security Magazine Steve Chabinsky explains that in addition to protecting data privacy – corporations need to maintain a focus on the integrity and availability of essential data, systems and services. Using examples from destructive breaches in the last few years, he explores lessons learned and tactics that can help us prepare adversaries aiming for corporate destruction.
To read the entire article, click here.