By Pamela Passman …
Cyber security has been a priority – current events have made it an urgent one. Companies of all sizes and maturity levels are falling victim to cyber attacks. Large enterprises are experiencing breaches that compromise the personal information of millions upon millions of individuals, while small-to medium-sized organizations are being targeted as entry points to infiltrate supply chains and gain access to larger organizations. This has made third parties an increased concern for cyber risk, and rightfully so. According to the NAVEX Global 2017 Third-Party Risk Benchmark Report, cyber security and data protection have become the top concern for organizations’ third-party risk management programs.
CYBER ATTACKS ARE NOT ONLY INCREASING IN FREQUENCY AND SIZE BUT ALSO IN COMPLEXITY. NEW THREAT TYPES ARE EMERGING, AND OLD THREATS ARE MANIFESTING IN NEW WAYS.
Cyber attacks are not only increasing in frequency and size but also in complexity. New threat types are emerging, and old threats are manifesting in new ways. The now infamous WannaCry attack is a new variation of an old threat and has made “ransomware” a household term. Whereas stealing information has always been a concern, now cyber criminals are holding that information hostage for a ransom at the threat of sharing it publicly, manipulating it or destroying it.The cyber security environment is expanding as well. Data is proliferating more rapidly than ever and there has been a dramatic increase in the number of digital devices connected to the global IP network. The use of these devices by employees to store and access sensitive information has effectively increased the surface area that cyber security programs are required to protect.
In short, companies are starting to feel the urgency of the risks today. As security experts like to say, “There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.”
Read full article here …
