[BreachExchange] 5 Ways to Manage New Threats in Today’s Cybersecurity Landscape

Audrey McNeil audrey at riskbasedsecurity.com
Tue Oct 25 20:32:48 EDT 2016


http://www.aim.ph/blog/5-ways-to-manage-new-threats-in-todays-cybersecurity-landscape/

As technology evolves, so do the security threats that continue to hound IT
networks. New vulnerabilities and sophisticated methods are regularly being
discovered by experts and IT support teams, many of which are likely being
exploited by cyber criminals as soon as they are found.

This is because they have better tools, knowledge and expertise by which to
find privileged company information, penetrate firewalls, or probe
networks, and then send the confidential data they’ve taken to their own
home or private controllers. Furthermore, cyber criminals continue to use
social media and the Internet to spot key company personnel who could
possess classified information, using what they know to gain access to the
organizations these employees are affiliated with.

The rise of the Internet of Things and our dependence on products that have
been embedded with Internet-based architectures have made it easier and
faster to conduct business operations, but it comes at a price: the
seamless connectivity among devices has likewise made it easier for
criminals to infiltrate your system as well.

The best response against cyber attacks will depend upon the situation. New
threats appear from improved existing tactics, while old hacking tricks can
still work with enough creativity and precise execution. There’s the
evolution of ransomware, the resurgence of DDoS, the risk of insider
threats and the combination of cyber attacks with old-school heists.

Just when you think that the back door is locked and the dogs will keep the
thieves out of your front door, there’s always that one person who gets
creative enough to be one step ahead.

Fortunately, it can be said that the common thread among cyber attacks is
the system vulnerabilities and human error that create permeable spots in
your network. Once you have best practices in place, they will form a
mitigation strategy.

Here are five ways that can help you manage cyber threats in an ever
changing cyber security landscape.

1. Have a trusted white-listing capability in place.

This approach only allows applications access to a network if they pass a
set of rules that identify them as safe, trustworthy sources. It veers away
from the usual method of blocking the “known bad” by providing default
access to the “known good.”

Any unknown apps or sources are then automatically drawn into an isolated
container, a preventive measure that helps keep any malware from
overtaking your network. For this to work, you must have a
comprehensive whitelist of executables and applications that you’ve
identified as the “known good.”

However, it’s still important to monitor your network for suspicious
activity even with a secure white-list. Criminal hackers today are skilled
enough to pass as network or system administrators.
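
The default-deny decision described in this section, as an added example
that is not part of the original article: executables are matched against a
"known good" list, anything unlisted is routed to isolation, and every
decision is logged so that allowed activity can still be monitored. Matching
by SHA-256 content digest is an assumption (the article does not say which
rules identify an application as safe), and the file names, contents and
list entries are constructed for illustration.

```python
import hashlib

def digest(data: bytes) -> str:
    """SHA-256 of the file contents; a renamed file keeps the same digest."""
    return hashlib.sha256(data).hexdigest()

# Constructed sample contents standing in for real executables.
APPROVED_TOOL = b"constructed sample: approved backup agent 2.1"
TAMPERED_TOOL = APPROVED_TOOL + b" + extra bytes"
UNREVIEWED_TOOL = b"constructed sample: utility nobody has reviewed"

# Hypothetical "known good" list, keyed by content digest rather than file name.
KNOWN_GOOD = {digest(APPROVED_TOOL): "backup-agent 2.1"}

def decide(name, data, known_good, audit_log):
    """Default deny: allow only listed digests, isolate everything else.

    Every decision is appended to audit_log, including allowed runs, so that
    activity by trusted programs can still be reviewed.
    """
    file_digest = digest(data)
    label = known_good.get(file_digest)
    action = "allow" if label is not None else "isolate"
    audit_log.append(
        {"name": name, "sha256": file_digest, "action": action, "matched": label}
    )
    return action

def run_samples():
    """Evaluate four constructed cases and return (actions, audit log)."""
    log = []
    actions = [
        decide("backup.exe", APPROVED_TOOL, KNOWN_GOOD, log),    # listed contents
        decide("backup.exe", TAMPERED_TOOL, KNOWN_GOOD, log),    # same name, altered
        decide("helper.exe", UNREVIEWED_TOOL, KNOWN_GOOD, log),  # never reviewed
        decide("renamed.exe", APPROVED_TOOL, KNOWN_GOOD, log),   # new name, same contents
    ]
    return actions, log

if __name__ == "__main__":
    actions, log = run_samples()
    for entry in log:
        print(entry["action"], entry["name"], entry["sha256"][:12], entry["matched"])
```
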

2. Use identity management software to protect access privileges and
prevent data loss.

One of the most popular attack vectors that hackers use is identity,
wherein they gain entry through key employees with authorized access to
privileged information. You must define who these key personnel are, and
protect their credentials by using tools that help increase security and
lessen the chances of attackers penetrating their access and authority.

Supplement your policy process with identity management software, where
strict measures are enforced that apply to everyone, even the C-Suite.

At the same time, a solid data loss prevention solution can keep even the
smallest bit of confidential information from going out of your network.
It helps even if there are no identity management solutions in place, and
it addresses the entire information assets of the business.

3. Conduct regular awareness training.

Awareness training is about disseminating updates through team huddles,
short morning debriefs, case studies, role playing or training via virtual
classrooms, and online refresher training. Aside from those effective
methods, you can also invest in software that conducts random tests
throughout the year to keep employees on their toes.

The most advanced malware infections are the product of phishing,
malvertisement, and spoofing. Software that launches these tests
throughout the year is an effective means of ensuring that employees stay
alert and remain aware of these common entryways that hackers use to
infiltrate the system.

4. When it comes to software, less is more.

You will need software that guards your network against both internal and
external threats. On top of that, it’s advisable to focus on five of the
most common entry points for hackers to penetrate: your website, perimeter,
network, endpoints, and programs/files/databases.

There are more than 435 software packages to choose from that specialize in
one or another of those attack vectors. Take the time to consult with a
security expert to help you identify which software products suit your
business needs the most.

Chances are, having a subscription to only a few but highly specialized
software systems is enough to provide you adequate protection without
getting entangled in a lot of unnecessary apps or tools, not to mention
the added cost.

5. Assign a dedicated team.

Technology cannot adequately replace having a team dedicated to monitoring
security threats that might appear on the horizon. Software can only do so
much. So, you must have the ability to monitor the integrity of your IT
system on a 24/7 basis.

Remember that it only takes an hour for the best infiltrating tools to do
their work on your infrastructure, so if you only have someone checking it
during working hours, you’re vulnerable the rest of the time.

Do this by building a staff that works under a shifting schedule, including
weekends and non-work hours. Another viable option is hiring a third party
IT security provider.

Also, don’t forget to assemble a response team that will be responsible for
developing and implementing your cyber incident response plan. This will
ensure that whatever type of cyber attack you experience will be handled
and dealt with properly.


According to Steve King, Chief Security and Operating Officer of Netswitch
Technology Management, Inc., we can expect more hackers to emerge and
cyberattacks to proliferate in the near future, where “the annual cost of
losses from global cyber-crime has added more than $100 billion annually.”

Unfortunately, cyber attacks are here to stay. Thus, it is best to face
this fact and prepare as adequately as you can. It is possible to
avoid or, at the very least, lessen the adverse effects by regularly
updating your company’s security measures.

Such policies must include a step by step disaster recovery process that is
clearly communicated to everyone on your team. Nothing is completely
guaranteed, but doing your own due diligence and adopting a multilayered
defense strategy will pay off should a major cyber attack strike.