Executive summary

Cutely named cyberthreats like Poodle, Bart, and Locky may sound harmless, but they could cost your business millions. The FBI estimates that ransomware, for example, is on track to become a $1 billion crime in 2016¹. A Russian cybercriminal gang allegedly used malware called Lurk to steal $45 million from financial institutions and other organizations over the course of several years².

The vast majority of these threats are well known. Our threat intelligence data tells us that more than 90% of the attacks we see across our networks are known threats or variants of known threats — not zero-day attacks resulting from previously unknown holes in software. The tools and skills needed to help protect against most of these cyberattacks are readily available.

So why aren’t organizations doing a better job of protecting their assets?

Part of the challenge is the increasing volume of cyberattacks. The mainstreaming of threat methods has made it easy for anyone — from a nation state to a bored high school student — to launch an attack on your organization. They search for weak spots to exploit across your workforce, your partners, and your IT systems. AT&T intercepts thousands of malicious emails daily. It only takes one, opened by an unassuming employee, to deliver a dangerous payload that can lock up your systems or lurk undetected while criminals steal valuable data.

Spotlight on security

  • Build your defenses around known threats
  • Foster a cybersecurity culture within your organization
  • Keep current with security patches, logs, and software updates
  • Implement new technologies with security in mind

Adding to the challenge, widespread adoption of emerging technologies such as the Internet of Things, cloud technology, and mobile devices provides new points of entry for cybercriminals to exploit using tool kits easily acquired on the Dark Web, an alternative gateway to information and communication on the internet.

Many cybersecurity pundits focus on the fear of the unknown. But we believe organizations are better off focusing on the knowns: the documented forms of malware and commonly used tactics that make up the vast majority of cyberattacks.

By remaining true to foundational security practices, while recognizing the distinctive risks of emerging technology, you can detect and respond to the majority of cyberattacks your organization encounters each and every day.

When planning for the year ahead, cybersecurity priorities should include:

Risk and vulnerability assessments. Knowing what you need to protect and where your vulnerabilities exist are critical first steps in a comprehensive cybersecurity strategy.

Automation tools. Stay focused on the basic detect-and-respond defenses required to help protect against known threats. The rising volume of known threats also requires a shift toward automated technologies that help improve the pace and scope of your response.

Awareness. Employee awareness training and governance policies must be regularly refreshed to keep best practices top of mind among all constituents.

We aren’t suggesting that you should ignore the emerging unknowns of the threat landscape. But by defending against the most prevalent and well-known forms of attack — using established practices and commonplace protection tools — your organization will be a less attractive target for cyberattacks in 2017 and beyond.