Kaspersky: There’s No Excuse Not To Get Security Basics Right In 2016

A new year often means a new start, with resolutions and vows to be better, fitter or healthier common to many of us. But a lot of these aims can also be applied to IT security, where looking to improve is always a plus.

Last year was a challenging one in cybersecurity terms for the UK, with 2015 bookended by major attacks against Experian and TalkTalk (among others) and during which malware and particularly ransomware continued to run wild.

As we move into 2016, David Emm, principal security researcher at Kaspersky Lab, told TechWeekEurope that the increasing number of threats and devices that can be targeted mean there is simply no reason for businesses of all sizes not to be proactive.

Linking

One of the major growth sectors in 2015 was connected items, as the Internet of Things continued its quest to connect up the world’s smart products.

But technology has moved forward so rapidly over the past few years, Emm believes, that worrying gaps in security protection have appeared.

The sheer breadth of items being built to keep on with this trend has led many vendors with little or even no experience in security releasing connected products, putting users at risk of having their data or personal information intercepted, showing how crucial having effective security precautions in place can be.

“Security isn’t necessarily being factored in at the ground level,” he says, noting that this expansion of connected products will add “a whole new dimension” to the demands on the security industry.

“It’s not always the ways we would predict that technology becomes vulnerable.”

Step forward

So what are the best ways to stay protected? Advanced threats require a new scale of protection, with biometrics and other more ‘personal’ methods often mooted as an ideal solution.

Emm agrees, noting that biotechnology could be a “perfect answer” to implementing effective forms of two-factor authentication – widely seen as offering the most effective way to secure devices. Fingerprint scanning offers a unique, personal way of ensuring your data stays protected, and he believes it will soon be even more widespread as Android manufacturers get on board.

For many people, services such as Apple’s Touch ID were “a huge security step forward” for many people, particularly as many consumers unconsciously still view their smartphones as a device for making phone calls, and not as a highly-intelligent computing device.

No excuse

As for those in charge, the outlook can look bleak, especially as major companies across the world are being targeted by criminals on a daily basis. But often, just doing the little things right can have a huge effect, Emm (pictured left) believes, noting that often, getting the basics wrong can lead to downfall.

Simply keeping up to date with the latest patches and security updates can be enough – particularly in the case of SMBs, who often lack effective protection as they simply do not think they will come under attack.

“There isn’t any excuse,” Emm says, noting that the situation is common to many householder thinking that their home does not pose an attractive proposition to a burglar, “but it does take time for the message to get through.”

The human factor can also play a key role, he notes, especially in a small company where responsibilities are split over several people. “No matter what operating system you are running, if someone is doing something which isn’t wise, there’s still a risk,” he says.

“There’s still a danger that people still look at IT as a means to a business end, without necessarily looking at what the security implication is…I think it will change, but it’s going to take a little while.”

Are you a security pro? Try our quiz!