[BreachExchange] How SMEs can keep data safe during summer holiday season
Audrey McNeil
audrey at riskbasedsecurity.com
Mon Jul 24 20:31:20 EDT 2017
http://www.itproportal.com/features/how-smes-can-keep-
data-safe-during-summer-holiday-season/
As we move through the summer months, thoughts predictably switch from work
to holidays. Instead of focusing on next week’s supplier or stakeholder
meeting, employees begin mentally packing suitcases and deciding on how
best to get to the airport. While it’s inevitable that some of the
workforce will head for warmer climates, the increase in the number of ‘out
of offices’ often causes issues for small- and medium-sized enterprises
(SMEs), particularly around data security.
One of the biggest challenges is employees accessing data remotely. Despite
being away, many can’t resist the temptation to quickly check their e-mail
or make a phone call. While there has been an increase in the number of
employees regularly working outside of offices, they are usually operating
from home or somewhere with a secure connection. As staff travel to
far-flung places, they may access corporate data via free Wi-Fi or other
unsecured connections, immediately putting information at risk of loss or
compromise.
Another huge issue is cybercrime. SMEs, which typically have fewer
cybersecurity tools and less expertise than larger firms, are regularly
targeted by cybercriminals who see them as low-hanging fruit. Moreover, the
tools perpetrators are using continue to evolve, becoming more
sophisticated in the way they hunt for and exploit weaknesses, all the
while reducing the level of skill required to operate them. The Dark Web is
awash with DIY cyberattack kits, empowering anyone to initiate attacks from
even the most basic of devices. SMEs face an ongoing onslaught that shows
few signs of easing.
The challenge is exacerbated during the summer months when resources are
stretched even more thinly as employees take time-off, something
cybercriminals are very aware of. As such, they are becoming more tactical
around when they launch assaults, choosing days and times when attacks are
most likely to go unnoticed or cause effects that SMEs struggle to rectify
themselves.
Take the two recent global ransomware attacks, for example. May’s
‘WannaCry’ attack, which impacted NHS organisations across the UK, started
on a Friday afternoon, a time when many had already headed home for the
weekend. While the large majority of impacted organisations were far bigger
than SMEs, they struggled to get systems back up and running; in fact,
citizens were advised against visiting GP surgeries on the following Monday
and Tuesday due to the ongoing fallout. Similarly, June’s ‘Petya’ attack,
which affected a large number of businesses in Poland as well as huge
companies such as WPP and Maersk, was initiated in the final week of the
month – a week after many of the schools in Poland broke up for summer,
meaning some employees will have been away.
As the examples highlight, ransomware attacks can cause days of downtime
which, to some SMEs, can prove fatal. As such, cybercriminals choose to
launch attacks when businesses are most vulnerable and, therefore, more
likely to give in and pay up. When faced with hours or days of being unable
to complete tasks and fulfill customer requests, paying ransoms is often
viewed by cybercrime victims as the least bad option.
With the risk to data security increasing during the summer months, there
are a few steps SMEs can take to mitigate them (which doesn’t include
banning all holidays):
Train employees: Cybersecurity threats are constantly evolving and staff
must be aware of the risks that accessing data abroad can create. As such,
it’s vital to train employees about the best practices of handling data,
with a greater focus placed on managing sensitive information. They should
also be educated about common threats, hacking techniques and how to
prevent, detect and respond to data loss incidents.
Create straightforward cybersecurity policies: Support employees by
creating and distributing a clear set of rules and instructions regarding
cybersecurity practices. A challenge that many face is while drafting
policies that cover all the bases, they often use jargon and complex
wording that no one bar the experts understand, resulting in many employees
not even reading them. Simple wording ensures that staff know what’s what
and can apply cybersecurity rules throughout the day.
Stretch protection beyond networks: Traditional data loss tools that simply
monitor network perimeters are no longer suitable for this cloud-driven
mobile world. Corporate data is increasingly being accessed via personal
devices, so businesses must ensure that data is secured regardless of where
it’s being used. This should include strong password requirements that
expire on a regular basis, to help mitigate the risk of stolen credentials.
Employees should also be encouraged to install robust firewalls, VPN and
antivirus onto personal devices to help mitigate some of the risks.
Adopt a multilayered cybersecurity approach, which includes backup: While
all devices should have preventative defence measures installed – which
must be regularly patched to ensure they can detect common attacks – it’s
becoming increasingly clear that cyber threats are always one step ahead.
Ransomware strains, for example, are ever-evolving and new versions are
able to slip past detection software. As such, the only true method of
mitigating ransomware attacks is through backup. With snapshots taken at
regular intervals, SMEs are able to easily roll systems back to a point
before the attack hit. This ensures that data remains accessible and
recoverable, no matter what happens.
Ultimately, as SMEs struggle to defend against the barrage of cyberattacks
and mitigate the risk of data loss, summer holidays represent a challenge.
Resources are spread thinly to cover absences and employees inevitably drop
their guard. Businesses must ensure that they are training staff so that
they understand cyber threats and how their actions can place corporate
data at risk, with this information then reinforced through easy-to-read
policies. Furthermore, SMEs can no longer rely simply on preventative
cybersecurity measures to keep them secure from new attacks. They must
implement a comprehensive multilayered defence that includes backup,
empowering them to revert to a healthy point prior to an attack taking
hold, regardless of its sophistication.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170724/82186056/attachment.html>
More information about the BreachExchange
mailing list