6 Tips for Shielding Your Organization From Rising Cybercrime
October is Cybersecurity Awareness Month. Now is the time to check your virtual locks.
In 2020, the FBI received a record number of cybersecurity complaints. Reported losses from hackers exceeded $4 billion. At the same time, ransomware attacks in the U.S. jumped some 300%, with the cost of those attacks more than tripling to about $29 million. Globally, ransomware costs are expected to hit $20 billion this year, up from $325 million in 2015.
It’s not an exaggeration to say we’re in the midst of a cybercrime crisis. Organizations of every size, including midsize enterprises that never considered themselves targets, are now targets. With that in mind, it’s a good time to reassess your organization’s cybersecurity practices.
October is Cybersecurity Awareness Month. Now in its 18th year, it was created by the National Cyber Security Alliance and the U.S. Department of Homeland Security as a reminder to take stock of your organization’s cyber hygiene, seek out vulnerabilities, and strengthen your protections.
Take a proactive, data-driven, and continuous approach to managing your exposure with a real-time view of risk.
This year’s campaign will focus on several crucial areas: practicing fundamentals like tracking digital inventory; using risk scoring to identify vulnerabilities; shielding against phishing attacks, with the help of tools like zero trust; and embedding networks with security protocols like network configuration and managing software updates.
Here are six strategies to strengthen your cyber hygiene and keep your organization from becoming a headline.
Inventory all assets
In a survey for Tanium by IDG Connect of more than 300 decision-makers in enterprise IT operations and security roles, 44% cited a lack of visibility into the endpoints that connect to their networks and only 30% said they are confident in their ability to see more than 85% of their endpoints. The bottom line is it’s not so much that the techniques of hackers have advanced, rather that the networks organizations operate have ballooned, expanding their vulnerabilities.
Most organizations don’t have sufficient visibility in their networks to understand their vulnerabilities and to protect them. Adding acquired businesses brings new layers of software, platforms, and security tools that often stay siloed and don’t communicate with one another. Basic cyber hygiene is centered around full asset discovery and inventory—the process of cataloging the hardware (and the hardware’s software) connected to your organization’s network.
[Read also: What is asset discovery and inventory?]
Assess your cyber risk score
Cyber risk scores show what percent of cyberdefense has been satisfied by an organization’s security controls and what residual vulnerabilities remain. Scores can be expressed numerically, much like a credit score, and can translate a complex dataset to a concept that is easy to understand, enabling all levels of an organization—from leadership to IT teams— to get a handle on their security profile.
Before a risk-score tool can be installed, an assessment of the risks throughout an organization needs to be carried out. And it’s important to keep in mind that the score’s accuracy depends on the quality and scope of the information input into the tool. Once a risk-scoring tool is implemented, that’s the hard part done, and organizations often become much more committed to keeping on top of their cybersecurity.
[Read also: What is a cyber risk score and why does it matter?]
Enforce zero trust
As remote working has taken hold, the security profile of every endpoint in an organization’s network has become almost impossible to manage and monitor. Zero trust is a practice that treats every device that tries to log on to a network as a potential threat, with the aim of securing computer networks from malicious intrusion. It’s a more straightforward solution than virtual private networks (VPNs), which have proved difficult to scale and are prone to break down.
[Read also: It’s time to ditch the VPN for zero trust]
Review your incident response
Businesses of all sizes should have an incident response plan in place to mitigate the damage and minimize the downtime from an attack. A hacker can compromise a machine and begin moving laterally through a network in just a few hours, so it’s essential to develop a rapid response protocol that reduces hacker dwell time and minimizes the exfiltration of data.
Teams should test the effectiveness of their plan by periodically responding to simulated data breaches and evaluating how effectively and quickly they achieve their response goals.
And a word on ransomware negotiation. It may be tempting to play hardball with hackers, but you can quickly get out of your depth. If you do find yourself in receipt of a ransom demand, call in the experts. There’s an art to the deal.
[Read also: What is incident response?]
Many IT operations teams struggle with the cost and complexity of managing configuration policies in a unified way across hybrid systems composed of on-premises, remote, and cloud environments. But the costs are higher for those who ignore or take a lax view of such policies. Misconfigurations and “configuration drift” away from desired settings can leave organizations at risk of data breaches and cyberattacks.
High-level administrative privileges pose one of the biggest security risks in any organization, and it’s important to give admin-level access to programs and systems only to those who need it. Standard users should have more limited capabilities and should not be allowed to install applications on their computers or mobile devices without administrative permission.
[Read also: What is configuration management?]
Update your software
A strong patch management system is one of the best defenses against data breaches and other security incidents. Unpatched software is an open door for cybercriminals, exposing organizations to malware infections, data breaches, and other threats—all of which siphon valuable time, money, and resources. Operating system and application patches should be applied regularly and promptly to mitigate the risk of malware attacking your network.
Automated patch management allows businesses to scan their network environments for devices and applications with missing patches. However, as with all automated management tools, the integrity of the patching system must be constantly monitored to ensure it’s not been breached.