German analyst firm Crisp Research currently has an excellent overview over the threats from cyber criminals with which companies are now confronted.
A table listing entries from A for Advanced Persistant Threats through to S for Social Engineering, neatly presents the most common threats that are used to attack the systems and infrastructure of companies in order to gain access to data from departments like research & development (industrial espionage remains a big issue), marketing, HR and, of course, finance. According to the experts, cyber-criminals are especially keen on customer and employee details, balance sheets or even access to bank accounts.
One of the most common vectors of attack (meaning a combination of the channels of attack and the technologies used in attacks) is still spam messaging, which deploys masses of untargeted emails that may include links to malicious websites or contain infected attachments, and is also used for phishing attacks. Apart from the damage caused to the image and reputation of a company, such attacks can naturally pose a massive financial risk, for instance if it leads to a disruption in production or when compensation has to be paid for damage caused to partners.
As one of the preventive measures which can be taken against hacking attacks, Crisp mentions protection of mail servers by means of blocking or quarantining. This category also includes our Retarus E-Mail Security service, which has recently added such as sandboxing and even includes the postdelivery protection postulated by Gartner.
One should also not underestimate the value of sensitizing employees (user education) – if they don’t know how they can assist in IT security issues and what to do in case of a spam email or a social engineering attack, even the most impressive technological bulwark is of little benefit. Of course, that doesn’t mean that businesses shouldn’t be thinking about security and data protection from the very outset when setting up new systems (security by design, privacy by design) – with the new EU General Data Protection Regulation, GDPR for short, coming into force, this is set to become even more important than it has been so far. Given these challenging preconditions, external service providers can support companies with their expert knowledge and assist them by acting as a sparring partner. To find out what Retarus can do for you in this regard, please get in touch with your local contact person.