Enterprises Warned To Take Cyber Spying Seriously

An Ovum analyst warns of enterprises’ cavalier attitude towards shutting out cyber spies

Companies should be following the government’s lead by taking cyber espionage more seriously and shoring up their defences, an Ovum report suggests.

Principal analyst  and author of the report, Graham Titterington wrote, “Cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information.”

He added that these cyber spies see product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim as valuable loot. Meanwhile, companies are preoccupied with defending their financial data from theft and totally disregarding other assets.

“This needs to change, and enterprises need to wake up to the danger posed or risk losing valuable information and having to deal with the consequences,” Titterington warned.

Home Is Where The Threat Lies

Titterington sees the threat extending beyond the confines of the firewalled companies and extending to home networks of employees. As workers add more and more details to their social networks and store information on poorly defended home networks, they could be exposing themselves to blackmail and extortion.

Protecting Against Cyber Espionage advises a higher degree of caution by increasing the awareness of key staff members to the threat of cyber espionage. Sensitive data should be protected by restricting its distribution and users with access to the information should be vetted carefully.

Any data that is held on third-party sites, either shared with partners or on cloud storage sites, should be protected and a risk analysis should be conducted for the use of mobile devices and removable media.

Information that is copied around the organisation increases the opportunities for cyber thieves to gain access to a copy. Titterington advises that a shared data infrastructure should be considered wherever possible to reduce the quantity of data held by the organisation and to discourage users from creating copies.

“Every piece of stored data and every copy of this data is a potential leakage incident as it gives spies more potential targets to attack,” he said. “The increasing volume of data makes it harder to manage the entire data estate.”