Security Market Segment LS
Tuesday, 20 December 2016 11:03

Data is the new gold, trust is the new driver


More data breaches — some very high profile ones with Yahoo!, Sony, Ashley Madison, Target, LinkedIn, IRS/FBI/US Department of Homeland Security and a host of health-related record keepers — hit the headlines in 2016. People trusted these organisations, rightly so, to keep their data safe.

In fact, the US-based Identity Theft Resource Centre lists 980 significant, known breaches to date and over 35 million personally identifiable data records that were exposed. There are thousands of unreported breaches as well.

Palo Alto Sean DucaSean Duca, vice-president and regional chief security officer, Asia Pacific, Palo Alto Networks,  has written on his company’s security predictions for 2017 and warns, “People will continue to be too trusting or fooled into thinking something is safe – for example, confidential data - when it really isn’t.”

Duca says 2016 was a challenging year for organisations particularly as cyber adversaries achieved high-profile success, mainly with ransomware and data breaches. Being aware of security concerns doesn’t mean avoiding new technology altogether. It’s about being sensible and trying to stay ahead of cyber criminals by understanding current and potential threats and what can be done to mitigate the risk.

Palo Alto Networks security predictions for Asia-Pacific in 2017

Industrial control systems may turn against you

Industrial control systems (ICS) are an integral part of any business, especially in Asia-Pacific. They can control lifts, security cameras, access doors and much more.

Many businesses outsource building management so they don’t necessarily know whether the third-party provider has adequate security in place. It is not impossible for a malicious actor to execute an attack that could cause significant damage.

For example, an attacker could turn the heating up to a dangerous level in a company’s server room or data centre and then disable all the building access points so no one can get in to physically remove hardware to a safer location. The hardware overheats, causing significant disruption to a business, its customers and its partners.

Business needs to consider:

  • Organisations need to gain an overarching view of their potential weak spots through third parties as well as their own network. Additionally, they need to put a plan in place that would help counter any potential attacks.
  • Have you checked what non-IT equipment your business depends on and what security it has? Are these devices connected to the internet or are they managed by a third-party?
  • When outsourcing to a third-party, what level of security assurance do they have in place? Are they able to provide information on how they secure themselves and, ultimately, how they secure and manage their customer's network and systems?

The Internet of Things (IoT) devices will be a target for cybercrime

Gartner predicts that the number of connected ‘things’ will rise from 6.5 billion in 2015 to almost 21 billion by 2020.

Connected devices will also be a target for cybercrime, even more so because people place enormous trust in third-party vendors being safe. These endpoint devices provide thousands of potential entry points to an organisation’s network - they need to be secured.

In 2016, we saw the first real challenges appear where compromised devices were connected in a botnet to launch DDoS attacks against banks and key parts of the internet infrastructure.

Business needs to consider:

  • Understand that the IoT is a current reality - not a possibility or a project of the future. Ask suppliers involved in security assurance how they can assure the security of the devices they provide.
  • Any devices using factory settings for security are simply asking to be compromised. IT managers must change those standard administrator passwords to avoid being targeted.
  • These devices should also be regularly checked to see if they adhere to the company’s security policy.

We may see a ransomware vortex with a nasty surprise

Ransomware involves attackers locking up a business’s data and demanding a ransom for its release.

If you thought 2016 was bad for ransomware – where attackers access data and ransom it back to the victim – then 2017 will be worse. Expect to see a higher attack volume, using more sophisticated technologies. If the discovery of Locky ransomware was anything to go by, financial malware will continue an upward trajectory in 2017.

What business needs to consider:

  • If you have fewer than 72 hours to respond, do you have a comprehensive backup strategy and response ready to counter these attacks?
  • When was the last time you tested and verified the backup?
  • Have you applied basic file blocking to prevent threats from entering your organisation?

We will have serious data trust issues

People will continue to be too trusting or fooled into thinking something is safe when it really isn’t. For example, confidential data can be exposed, or made available, that looks like it comes from an organisation when it was actually planted by a malicious party. Either way, there’s a business reputational risk and a monetary price to pay.

What Can Be Done?

  • Businesses need to look at two key things: where sensitive data resides and what data is critical to it to operate
  • Who amongst employees has access to sensitive data? Simply knowing who has access to documents or big data stores stops short of understanding to what they have access.
  • A key way to reduce risk to sensitive information is to also understand how the data is protected. Is there protection in place, and does it meet the right level to mitigate risk for something that could be mission-critical to a business?



Read 2225 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News