December is a month for looking back at all the things that happened this year and for looking ahead to what is in store next year. For many information security professionals, it is also a month of long hours as organizations rely on skeleton staff to defend the network.
Criminals frequently launch their campaigns over holidays, weekends, and late at night when IT staff has a skeleton crew in place. Many infosec professionals take time off in December, whether for the holidays or because they have vacation days they need to use before they lose them. Many online adversaries choose this time period to launch more attacks. Combine increased user traffic, higher attack volumes, and smaller teams defending the network and it's reasonable to assume some bad guys may be counting on the fact that few defenders are on patrol.
This month, we will be talking about the challenges information security professionals face during this time of the year. As we discussed last month, incident response is a key component for enterprise defense, and organizations have to regularly update their plans. We will also talk about automation and other ways teams operate at optimum levels even when key personnel is out for an extended holiday. We will share tips, strategies, and suggestions on how to continue being an effective security leader for your organization.
In last year's eCommerce Cyber Crime report from the Ponemon Institute, 64 percent of organizations said they see significant increases in attack activity during the holidays. In the same report, more than 70 percent of enterprises said there were not taking the necessary precautions in anticipation of increased attacks. That number has likely dropped somewhat, a year after multiple retail breaches, but it is reasonable to assume a significant number of organizations are still at risk.
The majority of the respondents said nine types of attacks were more likely to occur during the holiday season. About 83 percent of respondents said botnet and Denial-of-service attacks were more likely to occur on high traffic days.
Enterprises must take extra precautions to safeguard their corporate networks and data this month. It's possible for organizations to have a peaceful and quiet holiday—provided they have a network and data security strategy specifically for this period. One way is to develop a security framework which lets all the systems communicate with each other. Remote employees should use a virtual private network at all times to protect the company networks from outside tampering.
We will also be looking at some of the bigger trends and lessons learned this year. What have we learned—and even more importantly, what lesson do we still refuse to learn? We will still talk about incident response and budgets. What else do you think we should be talking about? Let us know in the comments below or on Twitter @RSAConference.