Are you a new chief information security officer (CISO) or other senior cybersecurity officer in the process of evaluating your organization to determine if effective cybersecurity strategies exist? You undoubtedly are aware that a comprehensive cybersecurity plan will provide your organization with the best protection. However, the decision to improve cybersecurity measures requires resources that likely require the approval of the decisionmakers in the organization. While these individuals understand the importance of cybersecurity, they are careful about funding it without having sufficient proof.
The following are five security issues that can make your organization vulnerable to cybersecurity problems. These issues are considered serious and should make a good case for improving your organization’s cybersecurity situation.
- There are no threat detection or response systems in place.
- Employees use public networks to access company information.
- There is no data governance.
- High-priority assets aren’t protected.
- Employees aren’t provided security guidelines.
1. There are no threat detection or response systems in place.
The best cybersecurity defense for an organization is to see threats coming in and prevent them from unleashing a malicious attack. If your organization doesn’t have systems in place to monitor your network traffic for suspicious activity and react accordingly, you are in a vulnerable position. The really bad news about cyber threats is not that they can infiltrate your network, but that they can infiltrate it and then remain there, continuing to wreak havoc. This is important. Just one cyber attack can change a business forever. The good news is there are a variety of measures you can take to detect unauthorized intruders and deal with them appropriately.
There are several methods of detecting and preventing threats that range in cost and complexity. Organizations typically use a combination of the following:
- Anti-virus/malware software – These basic solutions are easily deployed on all devices in an organization and can detect known viruses/malware. You can also specify settings for your needs. You usually have access to logs that you can use to investigate an issue further or determine if there is a developing trend.
- Firewall – If employees in your organization connect to the Internet, a firewall is one of the best methods of protection. This system works like anti-virus/malware software but is specifically designed to monitor your network traffic and prevent suspicious and malicious activity. You should install a firewall on work devices that employees use to work remotely.
- Intrusion detection system (IDS) – This system provides an advanced form of network monitoring. It is highly configurable to allow you to specify the level of monitoring, detection, and response your organization requires. This type of system usually offers a lot of visibility into the activity on your network so that you can dynamically make changes, if necessary.
- Endpoint detection and response (EDR) – This system works like an IDS, except it is designed for endpoints.
2. Employees use public networks to access company information.
Public Wi-Fi is a convenient tool when an employee must work outside your organization and its (hopefully) protected network. However, these public networks are often unsecured. While the manager of a public Wi-Fi network can add security features, there is no guarantee that they have done so. A case in point is the WeWork security breach. In 2015, a tech-savvy customer reported that the commercial real estate company’s Wi-Fi was unsecured and was exposing personal information belonging to users, including financial documents from an insurance company. Four years after that initial report, it was determined that the Wi-Fi remained unchanged. Scans of the Wi-Fi traffic were analyzed, and it was determined that nearly 700 computer systems had accessed the public network and a large amount of data was exposed.
If employees in your organization must use a public network, share with them the following security tips from GlobalSign, a trusted identity and security solution provider:
- Double check you’re accessing the correct network
- Install antivirus software on your system
- Enable firewall protection on your system
- Disable file sharing on your system
- Use a virtual private network (VPN) or limit your visits to websites that are encrypted (use HTTPS)
3. There is no data governance.
Wikipedia defines data governance as a “data management concept concerning the capability that enables an organization to ensure that high data quality exists throughout the complete lifecycle of the data, and data controls are implemented that support business objectives.” In terms of cybersecurity, this refers to performing an assessment of your organization’s data to obtain a thorough understanding of security risks to develop appropriate security solutions. Data governance is an important exercise for you because only when you have a thorough understanding of your data are you able to develop effective cybersecurity strategies.
A real-life example that shows the importance of data governance is the Equifax 2017 data breach, which is considered one of the worst data breaches of all time. This cyberattack involved a cybercriminal gaining access to Equifax servers and extracting the personal information of more than 145 million consumers. They were able to exploit a vulnerability that Equifax had overlooked, set up an encrypted channel, and run 9000 queries to obtain the personal information they desired.
Developing security policies can be an exhausting task, especially when you are starting from a weak cybersecurity position. The process consists of assessing your current situation and devising a security plan that covers all the assets in your organization. A popular model that organizations follow is referred to as CIA Triad. This model is based on three principles:
According to the CIA Triad, all data is susceptible to cyber threats based on one or more of the above principles. When you evaluate your data assets using these three principles, you can better map out effective cybersecurity strategies.
4. High-priority assets aren’t protected.
A significant part of establishing data governance is prioritizing your organization’s assets. Although all the assets in your organization are important, some have greater value than others. All the assets in your organization should be assigned a priority. This includes software, hardware, and accounts. Understand that you’re not just creating a list. As mentioned in the discussion about data governance, you need to understand the risks that are associated with your critical data and determine the best strategy to mitigate those risks. Depending on the core industry to which your organization belongs, there may be compliance regulations that you must adhere to in order to protect your critical assets, as well as employee and customer personal information.
In addition to limiting the users who have access, protecting your most critical assets should involve the following:
- Implementing two-factor password authentication
- Using complex, unique passwords and changing them often
- Using encryption to protect the data as it travels in and out of your network
- Applying security patches immediately
- Setting up automatic backups and saving them in a location that is separate from other assets
- Storing critical hardware in a secure location when not in use
- Installing monitoring, detection, and recovery software on the systems that access critical data
5. Employees aren’t provided security guidelines.
The prevalence of cyberattacks headlining news articles might lead you to think that the employees in your organization are knowledgeable about basic security measures they should employ when handling the organization’s data. Symantec’s 2019 Internet Security Threat Report indicates this is unfortunately not the case. According to their report, spear-phishing emails (malicious emails that appear to come from trustworthy contacts) were the most common method of attack. Cybercriminals are likely targeting an area where they are most successful.
There are also numerous cyberattacks that demonstrate the importance of training employees about cybersecurity and the role they play in keeping your organization’s critical data safe. An example is the 2018-2019 data breach of the bodybuilding.com website. The staff members of the online fitness shop received a phishing email, and it took only one of them clicking a link in the email to create an opening for a malicious attack in which the cybercriminal accessed personal customer information. It reportedly took eight months for the company to learn about the attack.
Training programs are a great method for teaching employees the following security best practices:
- Use strong passwords
- Change passwords often
- Avoid phishing and other scams
- Never leave company assets unattended
- Shun using public networks to access company data
If you’ve learned that one or more of the serious security problems listed above apply to your organization, your next step should be to share your findings with the decisionmakers in your organization and obtain their buy-in to implement policies to improve the security outlook of the organization. It’s a daunting task that you shouldn’t handle on your own. BACS is an IT company that specializes in developing effective cybersecurity solutions for companies of all sizes and across a wide variety of industries. Their expertise covers the spectrum of cybersecurity, which allows them to satisfy the specific needs of their clients.