The Internet Security Threat Report (ISTR): A Tactical Advantage for Partners

In any military engagement, intelligence can prove to be the difference between success and defeat. Perhaps the most striking example of this is the famous Battle of Thermopylae, in which a small force of Greeks led by King Leonidas of Sparta held off a vastly larger Persian army for several days in a narrow pass. The battle was lost when a local revealed the existence of a path leading around the Greek army, allowing them to be outflanked and destroyed.
While today’s battle against cybercrime may be less dramatic, our businesses and livelihood are still at stake.

Although we rarely come face to face with our attackers, the threat is just as real in today’s global economy. Standing between businesses and today’s cybercriminals is the community of partners, who develop the security strategy for their customers to anticipate and mitigate sophisticated attacks.

A crucial piece of intelligence in this battle is the annual Internet Security Threat Report (ISTR) produced by Symantec. For more than a decade, the ISTR has delivered the most up-to-date intelligence to help channel partners become the go-to-resource for customers looking to maintain their security posture. The ISTR, Volume 18, highlights the increasing risks to business of all sizes, and the continued development of new, sophisticated threats to take advantage of pervasive technology.

Targeted Attacks and Small Businesses

Targeted attacks grew sharply in 2012, increasing by 42 percent. In addition, the proportion of these attacks leveled against small businesses grew to 31 percent in 2012. The reason behind this is two-fold: First, small businesses usually have less robust security strategies in place than their large enterprise counterparts have. Second, they often conduct business with larger organizations and are likely to house sensitive data or information resulting from those partnerships that could be exploited to attack larger enterprises. These hacktivists are also targeting employees in sales, likely because of their access to intellectual property and customer information. This makes it especially important for partners to ensure their small-business customers are aware of the evolution of the threat landscape—and provide recommendations accordingly—to effectively preserve sensitive information and protect data from being compromised.

Mobility and Other New Threats

Mobile malware has also increased by 58 percent in the last year. As more businesses allow employees to access work-related information on smartphones and tablets, cybercriminals are placing more emphasis on creating mobile threats. With the bring-your-own-device (BYOD) movement gaining traction in the workplace, user behavior on personal devices potentially can leave business information exposed. With this in mind, partners must ensure they are delivering the best-in-breed mobile management solutions to their customers, to make BYOD more secure without hindering user productivity.

Cybercriminals are also creating new web-based threats such as “watering hole” attacks, where a legitimate website of a smaller business is compromised, gaining access to and exploiting larger organizations when their employees visit the site.

Other rapidly growing threats include ransomware, which locks users’ machines until they pay to have it released, and new social media threats luring users with the promise of fake offerings and/or to partake in false surveys.
To effectively address the constantly evolving threat landscape, partners have to stay well-informed of what cybercriminals are doing today. Resources such as the ISTR provide partners with the insight they need to stay ahead of the curve and offer best-of-breed solutions to protect businesses in an increasingly hostile online environment.

For more information, I recommend reading the entire report, which can be found here. The right intelligence can help partners keep their customers from being outflanked by the enemy, and give them the tools to take a stand against cybercrime.

John Eldh is VP of channel sales for the Americas at Symantec. Monthly guest blogs such as this one are part of The VAR Guy’s annual sponsorship program. Read all of Symantec’s guest blogs here.