3 Major Cybersecurity Threats That Experts Experience Every Day

This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.
DigitalVision Vectors/Getty Images

In today's scenario, what are the top challenges cybersecurity officials face in their work? originally appeared on Quora: the place to gain and share knowledge, empowering people to learn from others and better understand the world.

Answer by John Kuhn, Manager, IBM X-Force Services, Senior Threat Researcher, on Quora:

Challenges in cybersecurity are evolving on a daily basis. That’s the reason I have such a passion for it: there are new puzzles to solve and new challenges around every corner. It’s the constant learning and understanding that keeps the work so enticing.

Here are three examples of challenges anyone in the industry seems to face every day:

Malware: It’s everywhere, it’s abundant and a large portion of all cyber criminals use it to obtain their goal. Want to lock up computers and charge them a ransom for their data back? Malware. Want to infiltrate an organization through spear phishing and steal confidential information? Malware. Want to make a large public statement and destroy data to get people’s attention? Destructive Malware. You see where I’m going with this; however, the point is that malware always plays a role in cybersecurity incidents.

It can also be used as a pivot into the organization. Some malware’s sole purpose is just to sit inside a network and “lay low”. The access is often sold to the highest bidder on underground networks. This type of malware is often referred to as a RAT (remote access Trojan). A malware of this nature raises a significant challenge to Cyber Security Professionals, as it’s designed to not be detected by nature. Moreover, this signals the importance of having visibility; technology like EDR (endpoint detection and response) helps to gain the visibility needed to flush RATs from their holes. Intelligence sharing is key. If there’s one RAT, there’s likely another within the organization. Sharing the key indicators of the malware can help organizations identify and eradicate them.

Users: I mean this from the kindness of my heart, but users are a large source of incidents we face today. Be it from an insider threat (a malicious employee inside the organization) or accidental user actions. For example, a disgruntled administrator of a server containing sensitive data decides to erase all of it and then the backups in one keystroke. This erratic behavior is unpredictable since he or she is the admin with all the access and tools to accomplish it (no malware needed). Preventable? Certainly. Through tight access controls and monitoring, this behavior can be thwarted before it happens. However, it’s a risk that needs to be addressed.

Spear phishing seems to be the source of many campaigns these days. Why? Because it works. We often don’t think twice about opening a Word doc or PDF. In fact, many of us do it on a daily basis for legitimate work. Criminals exploit this daily routine of “not thinking” for just that reason: it’s a routine. This is where user education plays a large role for any organization, teaching employees to think before they click. I’m a huge fan of “on the job training”, so companies like phishme.com get a lot of praise. There’s no better way to help people understand what not to click on than showing them examples. If they do click, they are presented with instant training on what they should have looked out for. Also, using email gateway technologies to remove the malicious emails before they make it to the user goes a long way in protecting from spear phishing.

Budgets: Like always, it can be difficult for security professionals to acquire the budget needed for a proper cyber security program. Unfortunately, much of the budget is only obtained after a large-scale data breach or incident negatively affecting the company. Security is a difficult element to quantify and put a monetary value on for many organizations. This is why IBM works with the Ponemon Institute to produce the Cost of a Data Breach to show organizations what it would cost them if they were to face a potential data breach.

As previously stated, challenges are abundant in this industry. But luckily, every problem has a solution. Some just take more ingenuity and thought and a passion to solve them.
