IT Trends & Technology Blog | FNTS

Staying Ahead of Cybersecurity Threats with Proactive Measures

Written by Don Pecha, CISO | February 12, 2019

 

Cybercrime is a continuous threat for organizations of all sizes and across all industries. If the news surrounding the data breaches at Marriott and Equifax are any indication, even global firms with large security budgets can still be vulnerable in the face of a seemingly endless barrage of sophisticated attacks. In fact, IndustryWeek recently reported a 350 percent increase in ransomware attacks against its members versus the year prior, as well as a 250 percent rise in email attacks.

What makes this challenge even more complex is that the vulnerabilities that cybercriminals exploit and the attack vectors that they rely on are always changing. It is the classic scenario of security professionals having to cover every potential angle every day, while a cybercriminal just needs to find one weak link in the defenses to wreak havoc.

Fortunately, there are best practices that organizations can follow to stay ahead of cybersecurity threats.

Reinforce Awareness Training

Whether they are witting actors or pawns in the next compromise on your network, the employees and contractors inside your organization already have what would-be attackers want: access. According to a Secureworks 2018 Incident Response Insights Report, 42 percent of attackers gain entry from a phishing scam that tricks users into sharing their account information. Any number of security tools, applications, and detectors could be in place, but people can often be the weakest link in your cybersecurity defenses.

Because of this and the rapidly changing nature of technology, awareness training cannot just be a one-time event; instead, training should be constantly tested, repeated, and updated to fit your environment, needs, and threats. Some of the most common topics include what to do in the event of a ransomware attack and how to deal with spam, phishing, malware, and social engineering.

Patch and Update Software on Schedule

In short, patches fix a known flaw or bug in a piece of software or operating system. And if the software developer knows about a flaw, so do cybercriminals. Making sure you have a structure and schedule to check for and install patches can help make sure your systems have a smaller vulnerability footprint and are running as soundly as possible. In fact, according to the Ponemon Institute, 60 percent of organizations that fell victim to a data breach knew the vulnerability exploited was something they had not patched yet.

Whether through a manual process, support from a vendor, or a patch management tool, take inventory of your systems and make the decision to not delay any longer. If you do, you may soon have a security incident on your hands.

Develop a Risk Management Plan


Though every asset—a system, database, piece of hardware, or device—could be completely locked down, the realities of business operations and the cost to do so means organizations should weigh their risks against the possibilities of them occurring. Start with thinking about how your organization makes money, how your employees get work done, and what risks are worth taking and which are to be avoided at all costs. Next, assign likelihoods to those risks, quantify the impact to your operations if they occurred, and identify what mitigation actions you want to take.

In short, using risk-based prioritization allows your organization to develop a risk management plan that can help identify needed budgets and communicate probabilities to the management team. Being able to link risks to mitigation strategies and then to the return on investment for those measures can help to build buy-in and secure the levels of cybersecurity investment your organization needs.

Leverage Defense-in-Depth


Layering security defenses in an enterprise environment reduces the chance of a successful cyberattack, and if you’re breached, limits the damage, but it is still not a fool-proof method to keep attackers out. This is why taking advantage of the benefits of segmentation & least privilege, combined with in-depth defense, can be well worth the effort.

The biggest benefit is that these methods slow down attackers by making them find additional ways to navigate your environment instead of having unrestricted access once they find a way in. It can also help to keep limit the amount of sensitive data impacted from more sophisticated attacks. Ultimately, defense-in-depth, segmentation & least-privilege can help to contain breaches, minimize data exposure, and limit the damage caused by a successful cyber-attack..

Parting Thoughts

If the idea of defending your corporate proprietary information, sensitive customer data, and other business and account information from cyberattackers isn’t enough, taking proactive steps to bolster your cybersecurity can also help protect your bottom line. According to the 2018 Cost of a Data Breach study drafted by the Ponemon Institute, the average cost of a data breach in the U.S. is $7.91 million, money that could have gone a long way toward research and development, salaries, and more.

Although no combination of tools and processes can fully eliminate risk, investing in cybersecurity can at least frustrate, hamper, and delay would-be attackers long enough that they might move on. After all, the last thing you would want on your watch is for your business to become another statistic.