During the past year, many businesses have experienced severe security breaches and hacks. As the battle between businesses and hackers continues in 2013, people in cyber security degree programs need to be aware of the ever changing approaches and techniques that criminal hackers use. This knowledge will enable people to protect organizations successfully when they finish their programs and begin working. The following five cyber security threats are five of the most prominent threats for 2013 that people in cyber security degree programs need to understand fully.
- Social engineering. This threat started long before the digital age. During the past five years, it has simply moved onto social networks, including Facebook and LinkedIn. The goal of social networking is to connect people. When a person or a business has a convincing profile, it can be enough to get a company to complete a friend or connection request. This link is all that a hacker needs to start the social engineering scam.
- Advanced Persistent Attacks or APTs. APTs are sophisticated, well-constructed attacks that are intended to obtain access to a network and then steal information stealthily. As APTs are low lying and slow moving, they can be tough to detect, making them very likely to succeed. APTs do not need to target well known programs to be successful. For example, instead of attacking Microsoft Word, an APT may attack an embedded program. It is vital to build security into all devices that have Internet protocol addresses. People in cyber security degree programs should be aware that APTs do not just target small organizations. They are often aimed at large government entities and well established companies.
- Internal Threats. Some of the most severe attacks start inside companies. As approved users have a significant amount of access to data and system functions, these threats can be much more dangerous than external threats. A certain level of trust is required for many companies, but too much trust does leave businesses vulnerable.
- Bring-Your-Own-Device or BYOD. The basic premise of this threat is that more and more people are bringing personal devices such as iPhones and iPads to work every month. These devices open up another possible network for attackers that must be secured properly.
- Cloud Security. BYOD is not the only new technology trend that businesses must protect appropriately. Many companies utilize cloud computing. As companies put more and more information into public cloud services, the services become valuable targets. When businesses set up cloud services, they must have a discussion with the cloud providers about the security measures that will be in place. A breach in security anywhere in the system can mean an opening for a potential hacker.