2020年計算機網絡王道
Cybersecurity has continued to be a major issue throughout 2019 and as organisations begin to rely even more on IT, it remains a serious concern. While most companies are by now aware of how important cybersecurity is, many have yet to implement the necessary measures needed to adequately protect them. In this post, we’ll look at what security threats 2020 is likely to put in their way.
在整個2019年,網絡安全一直是一個主要問題,随着組織開始越來越依賴IT,這仍然是一個嚴重的問題。 盡管大多數公司現在已經意識到網絡安全的重要性,但許多公司仍未采取必要的措施來充分保護它們。 在本文中,我們将探讨2020年可能遇到的安全威脅。
1. 缺乏網絡安全教育 (1. Lack of cybersecurity education)
Perhaps the biggest cyber threat to any business is the lack of knowledge and understanding within a company about cybersecurity. Today, the digital revolution is affecting the working practices of employees throughout companies big and small. With more and more employees using connected technologies as part of their everyday jobs, it is more important than ever to ensure all staff are aware of what cybersecurity risks they face and how they can work in a way that will enhance security.
對任何企業而言,最大的網絡威脅可能是公司内部對網絡安全的知識和了解不足。 如今,數字革命正在影響着大小公司中員工的工作習慣。 随着越來越多的員工在日常工作中使用互聯技術,比以往任何時候都重要的是確定所有員工都知道他們面臨的網絡安全風險以及如何以增強安全性的方式開展工作。
In 2020, expect to see more organisations putting cybersecurity strategies into place that include ongoing training for staff on the latest technologies and threats and, importantly, letting them know how to work responsibly and respond to incidents.
到2020年,期望看到更多組織将網絡安全政策付諸實施,其中包括對員工進行最新技術和威脅方面的持續教育訓練,重要的是,讓他們知道如何負責任地工作和應對事件。
2. 資料洩露的威脅 (2. The threat of data breaches )
The enormous value of personal data to the criminal underworld means that data is a principal target for hackers. As a result, the threat of a data breach will continue to be one of the biggest issues that businesses will face in the coming years. This means companies will need to ensure personal data is secure end to end, from the moment it is sent to them to its safe disposal. The use of SSL certificates, encrypted data storage, logical access, password management and the rapid patching and updating of web applications is vital in this area.
個人資料對黑社會的巨大價值意味着資料是黑客的主要攻擊目标。 結果,資料洩露的威脅将繼續是企業在未來幾年中将面臨的最大問題之一。 這意味着公司将需要確定端到端的個人資料安全,從發送到個人資料到安全處理。 SSL證書,加密資料存儲,邏輯通路,密碼管理以及Web應用程式的快速修補和更新在此領域至關重要。
For those who succumb to a data breach, tough fines, reputational damage and even lawsuits await.
對于那些屈服于資料洩露的人來說,嚴厲的罰款,聲譽受損甚至訴訟都在等待着。
3. 技能短缺 (3. Skills shortages)
The complex nature of cybersecurity means that increasing numbers of organisations are employing the services of highly-skilled, security experts. Unfortunately, as these professionals are in short supply, there is a considerable skills gap in many companies just at the time when the need is the greatest.
網絡安全的複雜性意味着越來越多的組織正在使用技術娴熟的安全專家提供的服務。 不幸的是,由于這些專業人員短缺,許多公司在需求最大時就存在相當大的技能缺口。
In response, many companies are now implementing the use of intelligent, automated security tools that use advanced technologies to scan and block attempted intrusions, infections or other forms of attack like DDoS. These services can often be delivered by your service provider.
作為響應,許多公司現在正在實作使用智能,自動化安全工具的使用,這些工具使用先進的技術來掃描和阻止企圖入侵,感染或其他形式的攻擊,例如DDoS。 這些服務通常可以由您的服務提供商提供。
4. 漏雲 (4. Leaky clouds)
The majority of enterprises use the cloud for at least part of their IT solution and it is increasingly becoming popular as the place to store data and run operational processes. However, its popularity has not been kept a secret from cybercriminals and the number of cloud-based threats has continued to rise.
大多數企業至少将雲用于其IT解決方案的一部分,并且作為存儲資料和運作操作流程的場所,雲正變得越來越流行。 但是,它的受歡迎程度并未被網絡犯罪分子保密,并且基于雲的威脅的數量持續增加。
In 2020, companies will need to maintain the security of critical data and make sure they have real-time threat intelligence in place, to minimise the risk of data breaches or critical operations being taken offline.
2020年,公司将需要維護關鍵資料的安全性,并確定擁有實時威脅情報,以最大程度地降低資料洩露或關鍵操作下線的風險。
5. 移動裝置風險 (5. Mobile device risk )
For many employees, the smartphone is now an essential work tool used not only to access the company system but to store important data. This puts organisations at risk from poorly secured connections, mobile malware and device theft. It is critical, therefore, that all mobile devices that can be used to access the organisation’s systems are secured. One solution is to ensure access is carried out via a secure web app.
對于許多員工而言,智能手機現在已成為必不可少的工作工具,不僅用于通路公司系統,還用于存儲重要資料。 這使組織面臨安全連接配接不良,移動惡意軟體和裝置盜竊的風險。 是以,至關重要的是,必須確定所有可用于通路組織系統的移動裝置的安全。 一種解決方案是確定通過安全的Web應用程式進行通路。
6. 物聯網漏洞 (6. IoT vulnerability )
Mobiles aren’t the only remote devices that are vulnerable to attack; perhaps even more at risk are the IoT devices which have proliferated in use over the last few years and on which many organisations increasingly rely. They present a plethora of potential vulnerabilities that organisations need to protect themselves from, such as insecure wi-fi connections, hard-coded credentials, unverified firmware and unencrypted data. In addition, a compromised router or network attached storage server gives an attacker access to data and can serve as a platform to launch more attacks. In 2020, organisations which use the IoT will need to look carefully at how to ensure these vulnerabilities are protected against.
移動裝置并不是唯一容易受到攻擊的遠端裝置。 物聯網裝置可能會面臨更大的風險,在過去幾年中,物聯網裝置的使用激增,許多組織也越來越依賴該裝置。 它們提出了組織需要保護自己的大量潛在漏洞,例如不安全的wi-fi連接配接,寫死的憑據,未驗證的固件和未加密的資料。 此外,受損的路由器或網絡連接配接的存儲伺服器會給攻擊者提供通路資料的權限,并且可以用作發起更多攻擊的平台。 在2020年,使用IoT的組織将需要仔細研究如何確定防止這些漏洞。
7. 流氓國家 (7. Rogue states)
It is not just cybercriminals that are out to steal data and cause chaos, unfortunately, some governments are at it too – and these rogue states will have more advanced technologies, IT expertise and financial backing than the average hacker.
不幸的是,不僅僅是網絡犯罪分子會竊取資料并造成混亂,不幸的是,一些政府也這樣做。這些流氓國家将比普通黑客擁有更多先進的技術,IT專業知識和财務支援。
While cybercriminals are usually financially motivated, state-sponsored attacks can have a number of purposes, such as causing major security breaches to undermine companies, taking critical services offline using a DDoS attack, industrial or political espionage, spreading fake news to influence elections and even taking those who oppose them offline.
盡管網絡犯罪分子通常是出于經濟動機,但由國家發起的攻擊可能有多種目的,例如造成重大安全漏洞破壞公司,使用DDoS攻擊使關鍵服務脫機,工業或政治間諜活動,傳播假新聞以影響選舉,甚至使反對他們的人下線。
State-sponsored cybercrime is the new cold war and while major companies, public utilities, defence and political organisations are particularly at risk, all organisations need to be aware of their risk of attack and how to protect themselves.
國家支援的網絡犯罪是新的冷戰,而大型公司,公用事業,國防和政治組織尤其處于危險之中,所有組織都需要意識到其遭受攻擊的風險以及如何保護自己。
8. 智能惡意軟體 (8. Intelligent malware)
The war between cybercriminals and cybersecurity teams isn’t being carried out simply by the human brain anymore. Both camps are now using artificial intelligence (AI) and machine learning as tools in their armoury. Unfortunately, this means that cybercriminals are now able to create extremely sophisticated malware and methods of attack and at a pace that cybersecurity companies are finding challenging to deal with. It may only be a matter of time before one of these stealthy attacks strikes with devastating effect.
網絡犯罪分子與網絡安全團隊之間的戰争不再僅僅由人腦來進行。 這兩個陣營現在都将人工智能(AI)和機器學習作為工具。 不幸的是,這意味着網絡犯罪分子現在能夠建立極其複雜的惡意軟體和攻擊方法,并且其步伐是網絡安全公司發現應對挑戰的速度。 這些隐秘攻擊之一具有毀滅性打擊可能隻是時間問題。
結論 (Conclusion)
In 2020, cybersecurity will continue to challenge organisations big and small. We’ll see persistent risks like data breaches remaining high on everyone’s agenda, while the development of new technologies brings new threats, such as intelligent malware and IoT vulnerabilities. As companies expand their use of IT, we’ll also see a need to protect the cloud and mobile devices while ensuring that there are highly skilled IT experts driving security strategies and educating everyone else how to stay secure.
2020年,網絡安全将繼續挑戰各種規模的組織。 我們将看到諸如資料洩露之類的持續風險仍然是每個人的首要任務,而新技術的發展帶來了新的威脅,例如智能惡意軟體和IoT漏洞。 随着公司擴大對IT的使用,我們還需要保護雲和移動裝置,同時確定有高技能的IT專家來制定安全政策并教育其他人如何保持安全。
If you need highly secure hosting for your organisation, check out our range of hosting solutions.
如果您需要組織的高度安全的托管服務,請檢視我們的托管解決方案範圍。
翻譯自: https://www.eukhost.com/blog/webhosting/8-biggest-cybersecurity-threats-for-2020/
2020年計算機網絡王道
![無人機--飛控科普[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)