[BreachExchange] Arm your organization with an effective cybersecurity posture
Audrey McNeil
audrey at riskbasedsecurity.com
Thu Jun 29 19:45:46 EDT 2017
http://www.nhbr.com/July-21-2017/Arm-your-organization-with-an-effective-cybersecurity-posture/

Cybersecurity is a hot topic these days. If we’re not being bombarded with
news of government cyber-espionage, we’re getting constant updates on the
latest and greatest data breaches in the private sector. There’s no
escaping it – it’s real, it’s happening and, unfortunately, there’s no
single “silver bullet” that’s going to stop the hackers from trying to
access your company’s network.

If your business stores Personally Identifiable Information (PII) on your
network – which is likely – it’s crucial to have a “layered approach” to
network security. By way of example, let’s discuss a few of those layers:

Email Encryption: Given the free flow of information in business these
days, there are times when email encryption is not only desirable – it’s
required. The reality is that unencrypted emails appear as “clear text” on
the internet – available for the perusal of any prying eyes that are
interested. Utilizing email encryption not only secures your message and
data but helps compliance with regulatory and state privacy laws.

Spam Filtering: Cybercriminals utilize email to deliver targeted phishing
(or “spear-phishing”) attacks intended to deceive your employees into
sharing login credentials, or alternately to deploy malware or ransomware
to your network. By utilizing a cloud-delivered spam filter, many of these
deceptive emails are captured and quarantined in the cloud before ever
reaching your email server.

User Training: A crucial (and often overlooked) layer of security is
end-user training. Many times, your employees are the weakest link when it
comes to organizational IT security. Regular and repeated security
awareness training provides education and simulated phishing attacks, then
measures your teams’ response – helping to specifically identify those
employees who need more training to prevent unwanted outcomes.

Patching: Ensuring that your network receives critical security patches on
a regular and timely basis is a crucial layer in a multi-layered defense
approach against cyberattacks. A recent real-life example, known as
“WannaCry,” struck computer networks all over the world. Organizations
compromised by the attack were impacted because their workstations were
improperly patched or neglected completely. For this attack to be
successful, three defense breakdowns occurred:

1. The phishing email had to outsmart the spam filter (1st layer).
2. The end-user had to be fooled into clicking on the link in the email
   (2nd layer).
3. The workstation needed to be unpatched (3rd layer).

Clearly, around the globe, there were many organizations that fell victim
to WannaCry. However, there were many others who were protected – maybe
because their spam filter stopped the incoming emails, maybe because their
users were trained to spot the signs of a phishing attack, or maybe because
their workstations were patched properly. In any case, WannaCry was a
textbook example of how and why “layers” of security are effective (or
ineffective, if not implemented).

There are many other layers of security worth discussing – anti-virus,
event correlation, encrypted off-site backups, just to name a few – but
there’s one layer in particular that is often neglected.

The “p” word

You guessed it: policy. The very word conjures up images of thick, dusty
binders, long-neglected and irrelevant.

An Information Security Policy is a crucial layer of security defense. It’s
the foundation, where your organization lays out the standards for
protecting data, establishes job-relevant security levels within your
organization and sets the company path for compliance. In short, it answers
the question: how does your company protect your customer and employee data
from prying eyes?

A subset of the Information Security Policy is the Acceptable Use Agreement
(AUA). If the Information Security Policy outlines the company’s
requirements, the AUA details the employee’s requirements. It’s up to your
company to set rules for your employees, and then to enforce them – up to
and including termination in some cases. That might seem severe – but your
business’ reputation is at risk every day, and employee compliance is a
crucial layer of security.

Maintaining a layered approach to security is the best way to secure your
network and data. Your Information Security Policy is one crucial layer –
the one that establishes physical, technical and administrative security
standards for your organization. If those standards seem too dusty, it
might be time to take a fresh look.