Think about the vast information you have stored on your
phone; contacts, family pictures, passwords, emails, and your favorite apps.
What would happen if that information was left vulnerable for hackers to
obtain? What if the manufacturer sent out an update to protect your phone from
potential hackers, but you did not to install it because your phone was turned
off? All of your precious and personal
information would be left vulnerable to hackers wanting to steal and use that
data. This same scenario is what companies combat every day except on a larger scale.
Companies at every level have to combat the possible attacks
of hackers. In today’s world, the potential of your company being hacked is not
a question of “if” but of “when”. According to a 2015 study by Duke University and CFO
Magazine Global Business Outlook Survey, hackers have successfully infiltrated
more than 80 percent of U.S. companies.
Smaller organizations are more prone to breaches as they have fewer
resources to allocate to potential threats.
Businesses are often more susceptible
to these attacks because proper measures have not been put in place to
effectively combat and protect against significant attacks such as malware or
ransomware. In relation to the various attacks that companies may see, there
are two major levels of cyber-attacks.
Breaking down what’s out there
Cyber-attacks can range from
soft/medium grade attacks such as phishing or hackers receiving information
from a disgruntled employee to hard attacks which requires hackers to get
direct access to the information through breaking in or hacking the firewall.
There are specific gatekeepers
to each level that can help identify and prevent potential hacks. All in all a
lot of the responsibility comes down to how you manage your electronic
Soft/mid-grade attacks are the
more common form of hacking that companies face. The gatekeepers for this level
of attack include the employees and the IT department. With this type of
attack, hackers are able to enter into a company database through phishing or
exploiting a known password schema to gain access into the system. These
attacks can also happen due to insider information from disgruntled employees given
Forrester’s 2016 Global Business Technographics® Security
Survey revealed around 49% of global network security decision-makers reported
that they had experienced at least one breach over the past 12-months. Soft/mid-grade attacks can be avoided by the implementation
of employee education such as online security courses that require a refresher
every year. Other measures to stop such attacks include a vigilant IT, having a
strong rotating password in place, and ensuring that any suspicious emails or
activity is addressed immediately.
The second and more extreme level of cyber-attacks are known
as a hard attack. Malware, Ransomware, and Denial-of-Service (DoS) viruses are
examples. These attacks are more
difficult to engineer as they require more leg work. Hackers are searching through code, looking
for various security holes and may even necessitate physical access to company
buildings in order to retrieve the information they need.
In a recent Forrester study found that software
vulnerability is responsible for 42 percent of attacks. These threats can inflict significant
monetary damage to a company. The majority of these threats exploit known
software vulnerabilities. For this level
of cyberattacks, it is vital to keep the company’s software updated. Immediate
and frequent updates of security software, application of security patches, and
better physical security are the best precautions a company can take to deter
these intrusions. The immediacy of these
updates can sometimes be the difference between a small or non-issue and a major
issue; it is crucial that IT departments have the tools to update their
Becoming more proactive
Although educated employees and a strong IT department are crucial
to keeping hackers out of the company’s data, these best practices and
solutions, such as anti-malware, virus-protection, and firewalls, are useless
without the proper implementation. The
real security holes are found when IT cannot update or have not updated their
equipment. Machines that are in a low
power state are typically unreachable and, as a result, unavailable for an
emergency security update.
Enterprise-wide, effective wake solutions are an investment
that companies should make in order to ensure their networks are effectively
executing software patching updates. Machines that are powered down will not
receive or process updates sent out by IT departments until they are awakened. Implementation
of wake software allows machines that are powered down to be awakened and
alerted to the updates so that their systems can adapt and download the changes
that help to lessen their cyber vulnerability.
Power Management solutions that include enterprise-wide wake help solve
the waking issue as a complement to their function. Companies using this technology have seen
increased success in software updates, from about 60 percent before the implementation
of the wake solutions software to about 95 percent success after the use of
Being aware of the multi-pronged problems that arise as a
result of software not being patched or installed is a major step in protecting
yourself from an attack against your company and ensuring the security of your