Experts estimate that hackers stole half a billion personal records in 2015 alone.* And that doesn’t account for IT security breaches where personal records weren’t the target. All types and sizes of organizations have been attacked. And if you work in IT—whether you’re the chief information officer for a multinational corporation, a system administrator for a small business, a systems analyst for an IT consultancy firm, a database administrator for a nonprofit, or a software engineer or software developer for an app vendor—you must be aware of security vulnerabilities and do your part to prevent exploitations.
There are a number of ways hackers can compromise data. But one of the most pressing current threats is “zero-day exploits.”
A zero-day exploit is a hacker attack that takes place between the moment hackers uncover a security vulnerability and the moment the vendor patches that vulnerability. Imagine if your house had an unlocked door you didn’t know existed. A zero-day exploit is when someone else finds that door and robs your house before you notice the door exists and can lock it. Zero-day exploits can target operating systems, web browsers, website plugins like Flash, and other applications installed on an individual computer or IT system.
While it used to take weeks or even months for hackers to begin widescale exploitation of a newly discovered vulnerability, modern technology now makes it possible for hackers to wage widespread attacks within the same day or hour of uncovering a vulnerability. This has contributed to a growing number of zero-day exploits. The number of zero-day attacks on browsers and website plugins alone has increased exponentially over the last few years and reached 54 in 2015.* That means hackers found one previously unknown vulnerability every week for the entire year. This makes protecting your information technology quite difficult. But there are steps you can take.
The nature of zero-day exploits means you don’t know your vulnerability until after a hacker has already attacked you or someone else through that vulnerability. Unless you employ a crack team of IT security experts who can provide real-time monitoring of your systems, their operations, and communications, your best strategy is to focus on prevention and response planning. The following steps can help:
Many businesses fail to regularly update the operating system (OS) on all of their computers and other devices. Some even continue to use outdated operating systems like Windows XP. But if you want to make things difficult on hackers, make sure you’re running an OS that is still being supported by its provider, and install all updates to the OS as soon as they’re released.
The defenses built into your OS are not enough. To fully protect your devices from new threats, you need the additional protection of anti-virus/anti-malware software that includes a firewall, real-time scanning, phishing detection, and rapid-response updates.
If you run software that accesses the internet, that software can be vulnerable to hackers. Make sure you install all updates—even on things like video games. Additionally, make sure everyone in your business is using a secure browser (like Chrome or Firefox).
How often do you or others in your organization change your passwords? If you’re like many businesses, the answer is something close to never. That’s bad news if a hacker has ever stolen your passwords—even if they stole them years ago. To strengthen your IT security, make sure everyone in your organization changes their passwords regularly.
What will you do if hackers access your data? You need to make sure you are backing up your data in a separate location so hackers can’t erase vital files. You need to have a plan for getting vital operations back online if hackers disrupt your systems. And you need to have a plan to minimize the impact of stolen information.
If you have an IT or computer science job, you can improve your ability to protect against zero-day exploits—and advance your IT career prospects—by earning an MS in Information Technology. This advanced IT degree is designed to help you acquire essential programming, networking, and database management and development skills. Plus, a master’s in information technology can allow you to specialize in a specific field like cyber security.
Thanks to online education, you can even use your mobile devices and laptops to earn your information technology degree. Better yet, earning an MS in Information Technology degree online can make it possible for you to advance your education without taking time off from your current job. That’s because, when you enroll in an online university, you can complete your coursework from home and on a flexible schedule that’s designed to let you continue working full time.
Zero-day exploits are a serious problem for all organizations. With an MS in Information Technology, you can become a leader in protecting organizations from hacker attacks.
Walden University is an accredited institution offering an online MS in Information Technology degree program. Expand your career options and earn your degree in a convenient, flexible format that fits your busy life.
*Symantec, 2016 Internet Security Report, on the internet at www.symantec.com/security-center/threat-report.
Walden University is accredited by The Higher Learning Commission, www.hlcommission.org.