Cybercrime is expected to grow to $2 trillion in value by 2019, according to Juniper Research, and it is pervading all areas of modern-day life. From the email compromise and leak at the Democratic National Committee to recently discovered exploitable vulnerabilities on medical devices and high-profile data breaches at Target, Sony and JPMorgan, cybercrime has become front-page news.
There are numerous reasons for this explosion of incidents, but at the heart of this is an advancing threat landscape, where everyone from bedroom-bound ‘script kiddies’ to state-sponsored Advanced Persistent Threat (APT) groups see the opportunity to breach networks and organizations for monetary or non-monetary gain.
WannaCry takes companies offline
The increasing sophistication of cybercriminals, combined with the use of outdated technology by users largely unaware of the threats, has made the severity of such crimes ramp up in recent months.
The latest security scare was the emergence of the WannaCry ransomware, which compromised thousands of organizations across the world, including computer systems at the UK’s National Health Service and US delivery firm FedEx. The infection was so severe in some cases that a number of NHS trusts were unable to access patient records, book appointments or use computer systems, forcing some to switch back to paper and even temporarily close their doors.
The worm – said to have infected some 200,000 organizations across 150 countries and over one million PCs – was successful for various reasons.
For example, it exploited a well-known Windows vulnerability (discovered by the US National Security Agency but leaked by cybercriminals) for which a patch had been available but not implemented, and this particularly affected those running older versions of the operating system, such as Windows 7 and the no-longer supported Windows 98.
It also took advantage of an age-old flaw; the unwilling human who would have likely clicked a link or open a dubious file.
Sadly, WannaCry is by no means unusual in a world where data breach losses are a daily occurrence and where the average data breach is said to cost $4 million (£3.13m) according to analysts at the Ponemon Institute.
Cybersecurity remains a pivotal concern of any digital business, especially in an era where people still rarely use complex passwords, regularly fall for phishing emails and other social engineering tactics, and where attackers simply need to find one error to get onto the network.
“We must change our approach,” urged Julian King, the EU’s security commissioner after WannaCry emerged. “We all need to take responsibility for cybersecurity. We can’t just leave it to someone else to take care of.”
The benefits of Windows 10 for endpoint security
Despite the serious nature of cybersecurity, technology pioneers are fighting to stay ahead of the threat actors.
The most modern, up-to-date hardware and software is keeping personal data safe and away from hackers through the constant improvement of technologies such as end-to-end encryption, biometrics, password management and access control.
And with the latest Windows 10 operating system, Microsoft and Intel have made numerous improvements to ensure that sensitive material doesn’t fall into the wrong hands.
Through devices running Windows 10 with 6th and 7th Gen Intel Core vPro processors, security has been hardened at both the hardware and software layer to ensure it is omnipresent throughout applications, security tools, firewalls and the operating system too. Security has been built-in from the ground up in the hardware to stop cybercriminals in their tracks.
Windows 10 marks a step up as far as cybersecurity is concerned, offering everything from multi-factor authentication to improved data protection, encryption and password management.
Powered by vPro processors, newer Windows 10 devices add security features such as biometrics, which – through the presence of infrared cameras and fingerprint sensors – helps to protect identities from cybercriminals.
This protection is essential in an age where misused and stolen user credentials are said to cause over half of data breaches, and where passwords are regularly weak or repeated.
However, this threat is significantly diminished with the new Intel Authenticate solution.
The software verifies a user’s identity for domain and network access login by using any combination of hardened factors at the same time, such as a PIN, a phone, a fingerprint and/or location-based identification.
Put simply, Intel Authenticate goes beyond two-factor authentication to multi-factor by combining something you know (PIN), something you have (a phone), somewhere you are (location) and something you are (your fingerprint). Together, this provides a robust, hardware-protected multi-factor solution, which reduces exposure to common software-level attacks such as password cracking/brute force attacks, phishing and screen scraping.
Intel Authenticate is designed to verify no less than two factors or more for maximum coverage and security. In addition to using your fingerprint, Bluetooth proximity, protected PIN and Intel Active Management Technology (AMT) location, 7th Generation Intel Core vPro processor-based devices also support facial recognition and additional factors from OEMs and hardware vendors, giving IT teams more choices for policy customization. And on the biometrics front, with support for Windows Hello, Authenticate can even recognize if you’re wearing glasses or contact lenses.
Not only is this a more secure way of signing into applications, it is also safer in terms of protecting that information; biometrics security credentials and policy information are collected, stored and encrypted in the hardware, instead of the operating system or software, making it harder for cybercriminals to get at. And with Intel Authenticate baked right into the hardware of 7th Generation Intel Core vPro processor-based devices, additional servers and software aren’t required.
Another vital part of PC data security is encryption, which protects information from being intercepted or stolen. End-to-end encryption technologies feature on everything from web pages and messaging apps to modern enterprise software.
Intel Data Guard is a hardware-based file and folder encryption system that addresses security issues and helps reduce data compromise and data loss, providing protection at the point of creation and throughout the data life cycle.
It is transparent to the user and has sophisticated policy management capabilities for IT, offering IT teams the control they need, while not impeding on the user’s convenience and productivity.
The Intel Data Guard application can be pushed by IT with no user interaction, so employees can get started quickly without needing to make calls to IT. And for employees this experience is simple – their files are protected with little or no extra steps needed, allowing them to focus on their work with peace of mind. Security does not hamper productivity.
The business need for strong cybersecurity
These changes are essential for any organization. Cybersecurity is no longer an ‘IT problem’, it has become a business one. Given the rate of breaches and the escalation of cybercrime-as-a-service, a firm’s bottom line can be seriously impacted by an incident – just ask the likes of Target, TalkTalk and Sony.
A 2016 report by Semafone suggests as much, revealing the majority of people would not do business with a company that been breached, especially if it had failed to protect its customer card data. Earlier, Ponemon Institute’s The Aftermath of a Mega Data Breach: Consumer Sentiment, revealed that data breaches were as detrimental to brand reputation as poor customer service and environmental disasters.
“The knock-on effect of a data breach can be devastating,” warned the former Information Commissioner Christopher Graham last year. “When customers start taking their business elsewhere, that can be a real body blow.”
And with regulatory changes also on the way, cybersecurity will become a business differentiator in a fast-moving digital economy, where analysts say over half of the S&P 500 could be replaced over the next 10 years.
There is little margin for error in this age of widespread connectivity, the continued consumerization of IT and digital transformation driven by IT. It requires security-savvy staff and boardrooms – all empowered by modern Windows 10 technology to protect their identities and personal data.
The time to get cybersecurity smart starts now.