Top 5 InfoSec concerns for 2017

Cloudbleed, WannaCry, ransomware, hackers. Each and every day, it seems, the tech community wakes up to news of another attack on data security and privacy. As IT professionals, we spend our days working to the best of our knowledge and ability to keep company information secure. Some days, however, when news of new attacks hit, it can feel like we’ll never get ahead. As soon as we learn one method of protection, the hackers have invented a new workaround.

That’s why online community forums are so important in this day and age to avoid—and combat—high-level data security risks. When extensive continued education may not be on the books, you can turn to community experts poised to help guide you with best practices for security as well as information on the best new tools to protect information.

These online community forums offer raw and real insight into what’s really happening. While we can gather information on the latest tech trends and updates from news sources, we run the risk of being fed our data from sources who aren’t in the trenches with this technology. They can report on the effects and aftermath of ransomware, for example, but would need to bring in experts to speak to the public on how to combat these attacks. More tech-focused news sites and publications can be resources, but you either have to dig through content or wait for publication rollouts. The way I see it, why wait for a news anchor to tell you who is an expert in the field, when you can log onto a community and uncover hundreds of experts yourself? And why wait for a publication to produce a pretty piece on a timely topic like ransomware when the details you’re looking for can be found in numerous posts and questions in an online community?

I’ve spent my career working in InfoSec for large corporations and tech-focused companies, and I can tell you that these communities are invaluable for exploring and applying cutting-edge security measures to company data and processes. To prove that I’m not the only one who feels this way—and curious about Experts Exchange’s community interest in InfoSec issues—I dug into on-site traffic and behavior spanning the first four months of the year. Armed with this intelligence, our team is able to decipher what InfoSec topics are of the utmost concern.

What did I uncover? Basic security concerns are still at the top of the most-searched list, while there’s a spike in interest for new content and questions on specific issues, like WannaCry. Here were the top 5 searched security topics on site over the last four months:

1. Network Security was our number one searched security topic, with more than 128 searches and more than 6,247 existing solutions. This topic covers policies created to prevent and monitor authorized access and the ability to modify or misuse a network.

   Why is this an important security topic? A breach in network security can cause large and lasting ramifications for a company. From leaked proprietary information and financial account access, to stolen passwords and downed servers, networks house the keys to daily productivity and, oftentimes, intellectual property for company growth. Personally, a network security breach can seize private information, including photos, financials, and account access.
   Our leading security question during this time period, for example, is “What is the best firewall appliance for home use.” – 12168 views

2. Networking was the second-highest topic, with 124 searches and 89,732 solutions on site. The networking topic addresses any process of connecting computing devices (or hardware) through wired or radio wave means in order to communicate and share information from different locations.

   Why is this an important security topic? When data and information passes virtually from one location to another, entry points increase and vulnerabilities multiply. But networking has quickly become the norm in business operations today, making the security of this practice of great importance.

3. Windows OS reached our third spot, with 106 searches and 102,211 solutions on site. This topic covers Windows operating systems from legacy versions to the latest operating systems, plus any Windows Mobile versions.

   Why is this an important security topic? As the recent WannaCry malware attack taught us, even old programs no longer in mass circulation are vulnerable to attack. Online communities with experts well-versed in formerly popular operating systems can provide tips and best practices for keeping old programs safe, as well as the latest insights on new operating systems.
   Two of our top 5 answered questions fell under this category: “WannaCry – Check Windows Machines for MS17-101 security update and disable.” – 14821 views “Microsoft Security Bulletin MS17-010 – Security Update for Microsoft Windows SMB.” – 9967 views

4. OS Security hit number four with 95 searches and 21,561 solutions. Operating system security (OS security) deals with protecting the integrity, confidentiality, and availability of the system through preventative techniques.

   Why is this an important security topic? OS systems safeguard community assets. IT managers and professionals need to know the best ways to protect identity and data from being stolen or deleted, best practices for passwords and authentication processes, and basic safeguarding against viruses, malware, and remote hackers.

5. Active Directory was our fifth most-searched security topic, with 88 hits and 73,783 solutions on site. Active Directory is Microsoft’s widely-used database infrastructure. (For example, 88% of Fortune 1000 companies and 95% of enterprises use this software.)

   Why is this an important security topic? Popular technologies are at a higher risk of being targeted due to the amount of damage a hacker can cause by finding a common and shared vulnerability. Active Directory, though popular, is a complex system that requires constant and vigilant security maintenance, positioning it as a prime opportunity for hackers.

These numbers prove that online community engagement involving real-world issues in security is at an all-time high, and as technology continues to change and hackers and breaches continue to find workarounds, I believe it will only increase. If you’re looking for how-to guides, advice, and insight into a tech topic, don’t turn on the TV or to go to a publication to find your answer. Instead, seek a community and you’ll instantly see how connections gained through these forums can help you cut through the fluff and fat to get to the heart of the matter: keeping your company secure.