It’s a new year, a time to reflect and consider what we might do differently in 2017. 2016 saw a variety of security challenges, from spikes in ransomware to the rise of the insider threat. In fact, according to the IBM X-Force “2016 Cyber Security Intelligence Index,” 60 percent of all attacks are carried out by insiders.

We must learn from the past year of IT missteps and make a security resolution to adapt to the threats that lie ahead in 2017.

What We Learned in 2016

There is a widespread perception in the IT industry that people are the biggest threats to cybersecurity. Without stringent identity and access management (IAM) controls in place, a malicious insider can exploit a part of the organization. Insiders also pose other problems, since employees with poor security hygiene are the weakest links — prime targets for phishing and ransomware schemes.

The cybersecurity skills shortage can further weaken a company’s security posture. Additionally, as the number of connected devices continues to increase, so does the importance of securing the Internet of Things (IoT). This will be a major theme in 2017.

In short, IBM X-Force identified the most significant cyberthreats to emerge in 2016:

IT professionals should consider what they can do differently to steer clear of these pervasive attacks in 2017.

Embracing a Culture of Security

Here’s my New Year’s security resolution: Rather than understanding the technical details of the vast amount of security tools available, I aim to embrace the entire culture of security. Security culture can be described in many ways, but it primarily applies to people, processes and technology.

Get Back to Basics

For me, it security culture comes down to an individual’s perception and behavior that could impact security. For example, some individuals are wary of cloud-based apps, while some make a risk-based decision to use them.

We’re only human, but we can minimize inevitable human errors by spreading awareness of the threats surrounding our environments and following security best practices. This needs to start with the basics. Gone are the days of snoozing software updates. Passwords should be complex and changed often, and information must be managed and backed up.

Back Up Data Regularly

It sounds straightforward, but sometimes we slack when it comes to cybersecurity despite our best intentions. While I was working late on my dissertation one night during my final year of college, I spilled coffee all over my laptop. All my work was lost. Had I been backing up to an external hard drive, my files would have been safe. I even own an external hard drive, but it too often sits in a box on my shelf. Reflecting back on my dissertation and given the seriousness of a cyberattack compared to a coffee spill, I pledge to back up my data regularly in 2017.

Share Threat Intelligence

Developing good habits is a good start, but cybercriminals constantly reinvent their attack methods to stay one step ahead of security researchers. With this in mind, we need to be aware of the changing threat landscape.

The collaborative nature of cybercriminal activity is actually a great example for security researchers to follow when it comes to personal development and threat sharing. My brain can only absorb so many security articles, blogs, white papers, videos and webinars in one day. By using content organization tools and speaking to a wide network of security professionals, I will continually build on my understanding of the security landscape in the coming year.

A Security Resolution for 2017

There are threats we can predict and those we cannot as we enter 2017. We are, however, responsible for protecting our data and that of our employers. Through basic security hygiene and collaboration, we can keep 2017 secure, one leap at a time.

Here’s to a secure 2017!

More from Intelligence & Analytics

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today