[BreachExchange] Think IT Can Handle Security On Its Own? Think Again
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Mar 28 18:57:33 EDT 2017
http://www.techzone360.com/topics/techzone/articles/2017/03/28/430769-think-it-handle-security-its-own-think-aga.htm
One of the major fears of any IT department is losing control – of
projects, of users, of applications. Yet, even with the best technology
solutions, there is no way for IT to have complete control over what is
arguably the most important thing: security.
There are simply too many threats coming from too many places and in too
many forms for IT to protect fully against every single one. IT needs help.
To maximize your company’s security, every employee needs to be aware of
their role in the fight against cyber threats.
Below are three of the most common security threats that can bypass
traditional IT and security solutions, and three ways your company can help
regain control.
Social hacking
Social hacking, better known as social engineering, is perhaps the most
personal kind of cyber attack. It is, simply, an attacker getting access to
your systems and data by manipulating an employee rather than a machine.
There are a few popular examples. First, an attacker sends an email that
appears to come from a high-ranking employee at a client (think C-level)
asking for sensitive data about their account or your company. Because the
request seems to come from a familiar, important person, the employee hands
over the information, never noticing that the sender's address was one
letter off from the real one. The display name and the tone of the message
prove nothing; the only thing worth checking is the address itself, and a
domain that differs from the real one by a single character is the usual
tell.
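As an added illustration (not part of the original article), the check below flags a sender whose domain is within one edit of a domain the company actually deals with. The trusted-domain list and the sample headers are constructed for the example; the distance function counts an insertion, deletion, substitution or swap of two adjacent characters as one edit each, which covers the usual "one letter off" variations.

```python
from email.utils import parseaddr

# Constructed for this example: domains the organisation legitimately deals with.
TRUSTED_DOMAINS = {"example.com", "bigclient.com"}


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: an insertion, deletion,
    substitution or swap of two adjacent characters each costs 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution / match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent transposition
    return d[len(a)][len(b)]


def sender_domain(from_header: str):
    """Domain part of the real address in a From: header, ignoring the display name."""
    _display_name, address = parseaddr(from_header)
    if "@" not in address:
        return None
    return address.rsplit("@", 1)[1].strip().lower()


def classify_sender(from_header: str, trusted=TRUSTED_DOMAINS, max_distance: int = 1):
    """Return (verdict, matched_domain) where verdict is one of
    'trusted', 'lookalike', 'unknown' or 'invalid'."""
    domain = sender_domain(from_header)
    if domain is None:
        return ("invalid", None)
    if domain in trusted:
        return ("trusted", domain)
    for real in sorted(trusted):
        if edit_distance(domain, real) <= max_distance:
            return ("lookalike", real)
    return ("unknown", None)


# Constructed sample headers; the attacker ones mimic the "one letter off" trick.
SAMPLE_HEADERS = [
    "Jane Doe <jane.doe@bigclient.com>",       # genuine client address
    "Jane Doe <jane.doe@bigcilent.com>",       # two letters swapped
    "Finance Dept <invoices@bigclients.com>",  # one letter added
    "IT Support <support@example.co>",         # last letter of the TLD dropped
    "Mallory <mallory@unrelated.net>",         # no resemblance at all
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        verdict, match = classify_sender(header)
        note = f"  (looks like {match})" if verdict == "lookalike" else ""
        print(f"{verdict:9} {header}{note}")
```

The same comparison is worth running against your own domain as well as client domains, since the "C-level at your company" variant of the attack uses a lookalike of yours. A distance of 1 is deliberately tight; raising it catches more but starts flagging unrelated short domains.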
Another, more insidious version of this attack has the attacker posing as
one of the employee's social network connections. They gather personal
information about the person and use it to build rapport. Once they have
the employee's trust, they ask for, and often get, information that
compromises your company's security, all without the employee thinking
twice about it.
Ransomware
Ransomware is just what it sounds like: your company is held for ransom.
The attackers gain access to your systems, encrypt your data or otherwise
lock you out of it, then demand payment to give control back. Ransomware
usually gets in through email attachments or Internet downloads that look
like legitimate files.
However it gets in, the result is the same: your data is held hostage. The
costs of these attacks don't end with the ransom, either, and paying it is
no guarantee that you get your data back. When you add downtime, employee
time to get files restored, and possibly legal fees and compliance fines,
the true cost of a ransomware attack is often many times the ransom amount.
Simple human error
Human error is perhaps the most unnerving problem for IT departments. It is
so big, and the situations so varied, that it's hard to know where to
start. An employee may leave a laptop unguarded at a coffee shop, forget a
phone on the seat of a train, or simply drop a USB drive out of a pocket.
The list goes on, but you get the point. If these seemingly innocuous slips
put a device in the wrong hands, especially a device that isn't encrypted,
your network and data can easily be compromised.
Now that we’ve seen some of the attacks that keep your IT department up at
night, it’s only fair that we look at some ways to mitigate them.
Back up your data
Backing up critical data is something we all mean to do, but probably do a
lot less often than we should. If you are attacked, a recent backup is one
of the most important things you can have to get back up and running
quickly. If you suffer a ransomware attack, you're much more likely to have
to pay up if your last backup is a month old than if you back up religiously
on a regular schedule. Keep at least one copy offline or otherwise out of
reach of the machines being backed up: ransomware that can reach a mounted
backup drive or share will encrypt it along with everything else.
It's not enough just to take backups, of course. You also have to test
them: restore from the backup and confirm the files come back intact, so you
know it will perform in an emergency. There are managed backup and recovery
solutions that can automate this process so it happens in the background,
without taking up valuable IT resources.
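As an added example (not the article's own, and not any particular backup product), the script below does what the paragraph above asks for. It backs up a small constructed directory tree into a gzip tarball, restores it into a scratch directory, and compares every restored file's SHA-256 against a manifest recorded at backup time; it then repeats the restore test on a deliberately truncated copy of the archive to show what an untested, unrestorable backup looks like. The paths, file contents and archive format are assumptions of the example.

```python
import hashlib
import tarfile
import tempfile
import zlib
from pathlib import Path


def file_sha256(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root: Path) -> dict:
    """Relative path -> SHA-256 for every regular file under root."""
    return {str(p.relative_to(root)): file_sha256(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(source: Path, archive: Path) -> dict:
    """Write source into a gzip tarball and return the manifest taken at backup time."""
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(source, arcname=".")
    return manifest(source)


def verify_backup(archive: Path, expected: dict) -> dict:
    """Restore test: extract the archive into a throwaway directory and diff it
    against the manifest. A backup that cannot be extracted is not a backup."""
    result = {"restorable": False, "missing": [], "changed": [], "extra": []}
    # The 'data' extraction filter (Python 3.12+, backported to older patch releases)
    # refuses absolute paths, '..' components and links that escape the target dir.
    extract_opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive, "r:gz") as tar:
                tar.extractall(scratch, **extract_opts)
        except (tarfile.TarError, EOFError, OSError, zlib.error):
            return result          # damaged or truncated archive: restore failed
        restored = manifest(Path(scratch))
    result["restorable"] = True
    result["missing"] = sorted(set(expected) - set(restored))
    result["extra"] = sorted(set(restored) - set(expected))
    result["changed"] = sorted(p for p in expected.keys() & restored.keys()
                               if expected[p] != restored[p])
    return result


def backup_is_good(result: dict) -> bool:
    return result["restorable"] and not result["missing"] and not result["changed"]


def demo() -> dict:
    """End-to-end run on constructed sample data: a fresh backup passes the
    restore test, a truncated copy of the same archive fails it."""
    with tempfile.TemporaryDirectory() as work:
        work = Path(work)
        source = work / "finance"
        (source / "2017").mkdir(parents=True)
        (source / "2017" / "q1.csv").write_text("invoice,amount\n1001,250.00\n")  # constructed
        (source / "notes.txt").write_text("quarter-end checklist\n")               # constructed
        archive = work / "finance.tar.gz"
        expected = create_backup(source, archive)
        fresh = verify_backup(archive, expected)

        # Simulate a backup that exists on disk but was cut off mid-write.
        damaged = work / "finance-damaged.tar.gz"
        damaged.write_bytes(archive.read_bytes()[: archive.stat().st_size // 2])
        truncated = verify_backup(damaged, expected)
    return {"fresh": fresh, "truncated": truncated}


if __name__ == "__main__":
    for name, r in demo().items():
        status = "OK" if backup_is_good(r) else "FAILED"
        print(f"{name:9} restorable={r['restorable']} missing={r['missing']} "
              f"changed={r['changed']} -> {status}")
```

The manifest is the piece most backup routines skip: without a record of what the files looked like when they were backed up, a successful extraction tells you only that the archive is readable, not that its contents are the ones you expect. Run the verification on the schedule the backups run on, and store the manifest with the offline copy rather than on the machine being protected.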
Dispose of your data
In addition to backing up your data, it's important to dispose of it when
it is no longer needed. Old data is a real security risk: it is often
stored in insecure ways, or forgotten completely.
Your company should have a consistent, documented protocol for the disposal
process. If the whole team follows the same procedure for what data to
dispose of, when, and how, that data becomes much less likely to be
compromised. This step is so critical that many companies not only train
employees on the process but have them sign a document confirming that they
understand the protocols and will follow them. That isn't a bad idea when
you consider the risk old data represents.
Employee training
We'll end with, bar none, the most important non-technical thing you can do
to avoid cyber attacks: employee training. Training on data disposal is
critical, but that's just the tip of the iceberg. The more your employees
know about the attacks they could face, how to recognize them, and what to
do if they think they've been compromised, the better off you are.
This training can't just be given when employees come on board. It has to
be ongoing, and it has to evolve as the threats do. That means more
frequent, shorter updates. Just running training sessions isn't enough, of
course. Many companies give random tests to see how employees do, a
practice I wholeheartedly recommend. For example, one company sent an email
saying the employee had received a raise; all they had to do was go to a
site and enter some personal information. Two-thirds of the employees
entered their information and failed the test. Offering a fake raise is
maybe not the most employee-friendly way to test, but there are any number
of scenarios you can use to check your employees' knowledge.
The cybersecurity landscape is getting more complex every day. IT does
everything it can, but it needs the help of the entire organization to keep
you as safe as possible. Recognizing these potential attacks and enacting
these three simple strategies can ease IT’s burden, and ultimately keep
your company safer.