In a complex technological world that faces an ever changing threat landscape, the team in charge of managing cybersecurity may find it difficult to know where to focus their often limited resources. Some areas, such as firewalls and operating system updates, are obvious priorities. But what else deserves your attention?
As the market demands increased levels of connectivity and hackers continue to become more innovative in their approaches, it becomes imperative to leverage the best opportunities to strengthen your enterprise’s cybersecurity strategy. Read on for five tactics that can better protect your organization from many of today’s most common threats.
Strengthening your Cybersecurity Strategy
- Run Fire Drills: Train and Test
Make use of trial runs and cybersecurity “fire drills” by training employees in complex security scenarios and then testing them for comprehension. This is the time to let them make mistakes, and use this as an educational opportunity. “One of the most cost effective security countermeasures you can put in place is a well-trained employee,” according to Secure Strategies, a consulting group that provides security awareness training for employees.
- Avoid Opening Unsolicited Emails & Attachments
Out of those who receive fraudulent phishing emails or other communications that attempt to convince victims to share sensitive information, what percentage of employees will open those emails? According to Verizon’s 2015 Data Breach Investigations Report, twenty-three percent of employees will open an email that allows an attacker to begin hacking a network. That’s not a chance you can afford to take.
In addition, Verizon’s report notes that 11 percent of employees will open attachments, which work in much the same way. “The numbers again show that a campaign of just 10 e-mails yields a greater than 90 percent chance that at least one person will become the criminal’s prey,” the report said.
- Focus on Comprehensive Security Training
Unfortunately, most enterprises either do not have security and compliance training, or do not focus on the quality and effectiveness of training. Even those enterprises that have mandatory annual cybersecurity refreshers often do not update the presentation or tactics annually. Is your organization treating such training as a checkbox item to be completed, or an opportunity to improve your entire enterprise’s cybersecurity strategy? One way to get the most from your training is to move beyond delivering policies to presenting realistic scenarios that expose employees to critical decision-making such as whether an email is safe to open.
Training and testing could also address difficult situations, such as whether to report a potential security issue that involves a supervisor. By examining test results to identify questions that are frequently answered incorrectly, enterprises can determine whether additional training is needed.
- Monitor Digital Footprints & Control User Access
Be alert for potentially malicious insider threats at your organization. In 2015, the personal information of 37 million Ashley’s Madison website users was compromised. Some believe the website breach was a result of a malicious insider, possibly the former CTO.
Malicious insiders are current and former employees and contractors who have or had authorized access to an organization's system and networks; are familiar with internal policies, procedures, and technology; and can exploit that knowledge to facilitate attacks. Malicious insider acts that need to be mitigated include sabotage, fraud, theft of confidential or proprietary information, and potential threats to our nation's critical infrastructure, according to the Carnegie Mellon University Software Engineering Institute.
In recent years, the market has seen a few new tools that help enterprises track employee digital footprints. One of those, Threat Stack recommends the following monitoring activities:
- Monitor who is using certain commands to copy data from production systems
- Monitor the IP addresses of the devices workers use to log in
- Monitor for access to critical customer files
- Monitor for manual package updates
- Monitor changes to configuration files
- Routinely Update Your Security Policy
Every business should have a strong security policy; it is important to review yours annually to ensure you are clearly communicating your expectations related to how your workers are handling private information about your company and its customers. Cleary laying out the rules can make a big difference.Enterprises are investing in cyber security more than ever before, yet damaging breaches occur all too often. Learn about our free Security and Threat Prevention Assessment, which identifies vulnerabilities in your network and provides personalized recommendations for improved security.