The Top Cyber Security Threats Facing Enterprises and How to Mitigate Them

CIO studying cyber security issues

The Top Cyber Security Threats Facing Enterprises and How to Mitigate Them

As cybersecurity threats become more prominent and the Internet of Things (IoT) devices become more essential, the tactics behind the threats are evolving into more sophisticated forms. This can lead to an increase in certain types of cybersecurity attacks and threats that can sometimes catch IT managers off guard. Knowing what types of attacks and tactics are on the rise can help managers plan proper prevention and mitigation strategies. Given that 31 percent of organizations have been subject to cyber-attacks according to United States Cybersecurity Magazine, managers can no longer afford to be lax when it comes to security protocols.

What are the Top Threats?

Financial fraud through compromised business emails, credential stuffing, web application attacks, data breaches, and malware attacks have made the top list of threats. Compromised business emails come in the form of false requests to employees to pay nonexistent invoices, modify bank accounts, and purchase gift cards. Many of these emails are written using spoofing techniques that make it appear as though the email is coming from a top-level executive or a person of authority within the organization. When employees are misled by the emails and disclose the financial information the attackers are looking for, the company’s financial accounts and resources become compromised.

Credential stuffing occurs with unauthorized access to the company’s systems or enterprise-level applications via a legitimate employee’s username and password. With credential stuffing, a large number of employees’ usernames and passwords are either obtained through social engineering, phishing, or random guessing. Since it is natural for most to keep reusing the same usernames and passwords, it can make it easy for attackers to guess credentials that are similar in nature or that are updated in a sequential manner.

Web application attacks take advantage of vulnerabilities in the coding of applications and configurations. Common types of attacks include distributed denial of service (DDOS) and bypassing network firewalls to obtain sensitive data. Sometimes web application attacks are used in order to gain access into an organization, including physical access to a company’s servers. Data breaches can occur through web application attacks and unauthorized access to a company’s cloud storage accounts. Weak encryption systems and malware are often to blame with data breaches. Malware can come disguised in the form of freeware or shareware, file-sharing programs, programs or infected files stored on USB drives, and infected files or links shared through email.

Mitigating the Risks

Guarding an organization against compromised business emails includes enabling two-factor or multi-factor authentication. With two-factor authentication, a person must not only enter in credentials but provide another source of verification. This can be a code that is sent via text message to the person’s cell phone. Secondary means of authentication can also come in the form of a fingerprint or key fob. While it is easier for an attacker to guess a weak password and username, it is not easy to gain access to a code sent to a physical device that is only in the possession of the authorized user or duplicate a means of identification that is unique to the person’s physicality. Other means of guarding against compromised business emails include detection rules, employee education about spoofing, and more stringent policies regarding accounting and appropriate uses of email.

Two-factor authentication can also protect an organization against credential stuffing. Additional means include manual checking of passwords against known compromised credentials, enforcing frequent password change policies, employee education about not disclosing credentials, implementing detection rules, and employee education about social engineering and phishing tactics. Web application attacks can be prevented through more stringent firewalls, intrusion detection tools, limiting inbound access requests to server-based applications and systems, stricter scrutiny of cloud service providers and the providers’ security protocols, and the implementation of stricter internal security processes and policies.

Cybersecurity threats are unlikely to become a thing of the past as more devices and business processes become network integrated. However, simply having an internal IT security team in place is not enough to guard against attacks and unauthorized access. Developing both a defensive and an offensive game plan for the top threats most organizations face is an important step towards protecting a company’s sensitive data and technology-related resources.

Should CMOs and CIOs Partner On Strategic Information Technology?

CMO Technology

For as long as the roles of CMO and CIO have existed, their work has rarely overlapped. CMOs focused on the company’s marketing efforts while CIOs stuck to the technology side of the business. But in today’s digital world, the hard lines that once separated marketing and tech have dissolved. Now, any business that wants to remain competitive must engage in digital transformation—which requires strategic use of information technology incorporating both marketing and IT. That transformation can only be effective if CMOs and CIOs work together.

The Importance of Digital Transformation

According to the Altimeter Group, digital transformation is “The realignment of, or new investment in, technology and business models to more effectively engage digital customers at every touchpoint in the customer experience lifecycle.” The goal of digital transformation should be to better provide value for the client or customer and to improve competitiveness. To achieve these ends, a strategic approach to information technology must be utilized. And for that to happen, CMOs and CIOs must communicate and strive together in seeking the same goal.

The vast majority of businesses were not founded with digital technologies in mind, and even less were created from day one to take advantage of the digital platforms that have emerged in the past decade, much less those that continue to spring up on a seemingly daily basis.

Chances are, as a CMO you have probably already been thinking long and hard about how your marketing efforts can incorporate the vast array of digital technologies available. Just some of the areas where digital transformation could deliver notable improvements include:

  • Mobile computing
  • Social media
  • Big data
  • Cloud features
  • Data privacy compliance
  • BYOD
  • Data security
  • And more…

Of course, to achieve the kind of transformation that you want and need, certain obstacles must be overcome. You have to determine where you are, where you want to go and how you are going to get there—all of which is best facilitated through the partnership of the CMO and CIO.

Partnership Between Marketing and IT Facilitates Competency

The terrain of digital platforms is difficult to navigate for even the most experienced professionals. To conquer this terrain and make it work for your business, it only makes sense to utilize all the resources at your disposal. Between building, running and managing the digital tools necessary to reach and retain customers, and ensuring that marketing efforts are as well integrated with new technologies as possible, there is simply too much required for one department—marketing or IT—to do alone.

Both CMOs and CIOs face unique challenges from the digital technology field. Some of these include:

Challenges for CMOs

For CMOs, the number of existing and upcoming digital technologies can be overwhelming. There are so many areas that must be considered to achieve competitiveness, including:

  • Buying appropriate technology solutions
  • Managing the technology stack
  • Creating infrastructure for technologies
  • Integrating new technologies with existing enterprise solutions

You could be the most effective CMO in the world when it comes to marketing, yet feel completely in the dark when it comes to how to manage the nuts and bolts of new technologies. That is why different departments exist in organizations—because true competency and skill take years to develop, and no one is capable of being an expert in everything.

Challenges for CIOs

The technology your business needs to operate and serve your customer base is the focus of the CIO. However, the marketing end of the equation is rarely an area where the CIO will have much expertise. Some of the things that the CIO may struggle with include:

  • Continued awareness of company efforts to reach and retain customers
  • Understanding the value proposition presented by the company to the client or customer
  • Needed adaptations in marketing messages as new information comes in
  • Which technologies are most effective for marketing based on company needs

CIOs have their own challenges to contend with as they strive to keep the ship running and determine what the best technology solutions are among an increasingly vast array of options. If they are not brought into the marketing conversation, there is a real risk that the left hand can become detached from the right—possibly even to the point where the CMO and CIO are working at cross purposes.

The benefits of CMOs and CIOs partnering quickly becomes apparent as your company embraces technology. Marketing has never had so much reach as it has today with digital platforms and real-time data. But utilizing that technology requires expertise that is found in the CIO and the IT team.

CMO and CIO—In it Together for the Long Haul

CMOs and CIOs share the same ultimate goal—the success of the organization for which they work. Success in today’s digital environment means utilizing appropriate technologies to keep the business strong, competitive and attractive to the customer. To obtain success requires a partnership between the CMO and CIO to identify areas for improvement, move forward with effective action that will achieve improvements, and to continue to adapt to the rapid changes that are inherent in today’s business world.

Contact Your Next
San Francisco Bay Area IT Company