By Gadjo Cardenas Sevilla

Hewlett Packard Enterprise has been on the forefront of enterprise security solutions and just released a Cyber Risk Report examining the threat landscape in 2015.

HPE’s work focuses on providing actionable intelligence around key areas of risk including application vulnerabilities, security patching and the growing monetization of malware. These are the security threats that can result in loss of billions of dollars as well as threaten the security of enterprises and their users.

The report also concentrates on important industry issues such as new security research regulations, the “collateral damage” from high profile data breaches, shifting political agendas, and the ongoing debate over privacy and security.

“Canadian organizations are under constant pressure to defend themselves from highly skilled cybercriminals seeking access to their data. This year’s Cyber Risk Report shows that organizations must prepare themselves for many different types of attacks and stay up-to-date with security patching. However, this can be extremely challenging for organizations with fewer IT resources,” said Arif Manji, Vice President & General Manager, Enterprise Services, HPE Canada.

“To help Canadian enterprises of all sizes manage increasing threats, HPE opened a Canadian Security Operations Centre (SOC) in Mississauga, Ontario, last year. Designed to meet federal government security requirements, the Canadian SOC gives clients access to cutting edge security technology, expert staff, and highly valuable threat intelligence, allowing them to free up in-house IT resources to drive innovation.” 

In 2015, we saw attackers infiltrate networks at an alarming rate, leading to some of the largest data breaches to date, but now is not the time to take the foot off the gas and put the enterprise on lockdown,” said Sue Barsamian, senior vice president and general manager, HPE Security Products, Hewlett Packard Enterprise.

BYOD (Bring Your Own Device) applications where employees bring their chosen smartphone, tablet and notebook solutions to work and in turn use these for both personal and professional applications (with the work stuff being secured in various enclaves), has made it possible for enterprise to support a wide variety of devices initially aimed for the consumer market. This has also, unfortunately, opened up some vulnerabilities in terms of mobile applications.

HPE says that mobile applications are the new battlefield opening up vulnerabilities in storage and transmission of private and sensitive information. 75 per cent of mobile applications scanned exhibit at least one critical or high-severity security vulnerability, compared to 35 per cent of non-mobile applications.

The report also finds that leading enterprise OS, Microsoft represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications.

Ransomware attacks targeting the enterprise and individuals are on the rise, requiring both increased awareness and preparation on the part of security professionals to avoid the loss of sensitive data. The best protection against ransomware is a sound backup policy for all important files on the system. Examples of these nefarious applications include Cryptolocker, Cryptowall, CoinVault, BitCryptor, TorrentLocker and TeslaCrypt.

“We must learn from these incidents, understand and monitor the risk environment, and build security into the fabric of the organization to better mitigate known and unknown threats, which will enable companies to fearlessly innovate and accelerate business growth.” Barsamian points out.

Published by HPE Security Research, the annual report offers in-depth industry data and analysis on the most pressing security issues, providing business leaders and security professionals with actionable intelligence to better protect their digital enterprises and drive fearless innovation.

“Today’s Canadian IT security professionals are tasked with protecting their organizations’ data and reputations, as well as the data of employees and customers. For these professionals, keeping on top of every new security development within the Canadian security landscape is an enormous responsibility,” Manji explains.