Question

What are the specific risks that a company has to be concerned with when technology (IT) is involved?

Answer 1

The following are the risks concerned to a company's technology ;

1.Technology with Weak Security –

New gadgets have some form of Internet access but no plan for security. Each unsecured connection means vulnerability. The rapid development of technology is a testament to innovators, however security lags severely.

2.Social Media Attacks –

Cybercriminals are leveraging social media as a medium to distribute a complex geographical attack called “water holing”. The attackers identify and infect a cluster of websites they believe members of the targeted organization will visit.

3.Mobile Malware –

Security experts have seen risk in mobile device security since the early stages of their connectivity to the Internet. Considering our culture’s unbreakable reliance on cell phones and how little cybercriminals have targeted them, it creates a catastrophic threat.

4. Third-party Entry –

Cybercriminals prefer the path of least resistance. Target is the poster child of a major network attack through third-party entry points.

5.Neglecting Proper Configuration –

Companies continue to neglect the importance of properly configuring security settings. several critical functionalities needed to fully protect the organization’s information.

6. Outdated Security Software –

Updating security software is a mandatory step to protecting big data. Software is developed to defend against known threats. That means any new malicious code that hits an outdated version of security software will go undetected.

7.Social Engineering –

Cybercriminals know intrusion techniques have a shelf life. They have turned to reliable non-technical methods like social engineering, which rely on social interaction and psychological manipulation to gain access to confidential data. This form of intrusion is unpredictable and effective.

8.Lack of Encryption –

Protecting sensitive business data in transit and at rest is a measure few industries have yet to embrace, despite its effectiveness.

9.Corporate Data on Personal Devices –

Whether an organization distributes corporate phones or not, confidential data is still being accessed on personal devices. Mobile management tools exist to limit functionality but securing the loopholes has not made it to the priority list for many organizations.

10.Inadequate Security Technology –

Investing in software that monitors the security of a network has become a growing trend in the enterprise space after data breaches. The software is designed to send alerts when intrusion attempts occur, however the alerts are only valuable if someone is available to address them. Companies are relying too heavily on technology to fully protect against attack when it is meant to be a managed tool.