- Cyber criminals – Attack and steal information for profit (example: Equifax breach)
- Hackers – Some are pros that do it for research, others are malicious
- Hacktivists – Politically or socially motivated
- Cyber terrorists – Not common today but could become so soon
- Nation States – Launching cyberattacks against other countries
A lot of what we see in the current environment can be boiled down to a few major problems. Distributed denial of service (DDoS) attacks are one of the major issues. They continue to grow in sophistication, and the solution to this is a managed DDoS platform. We’ve all heard about ransomware as well. It is becoming harder to catch, more prevalent, and more financially harmful. There are actually several solutions to this:
- Endpoint protection
- Email security
- Patch management
Another problem is traditional malware, the same stuff we’ve been hearing about for decades now. Endpoint security solutions are what respond quickly to that. Lastly, redirects in ads can route users to malware sites; the fix for this is a managed secure DNS solution.
QUESTIONS TO ASK
There are some questions you should be asking when you’re assessing your network ecosystem security. Security audits help identify vulnerabilities in the system, so asking when the last security audit or assessment was done is pertinent. If your organization has gone through an audit, you will want to find out if they’ve developed a plan to treat the security risks. A cybersecurity report needs to be understood by the organization in order for them to begin mitigating the risks.
Knowing the difference between a threat, a vulnerability and a risk is very important. A threat comes from an attacker who will use a vulnerability that’s not mitigated because someone forgot to identify it as a risk.
As you look at the limits of a perimeter-oriented security posture, you need to tell your organization’s leadership that you must have a multi-layered security approach. We don’t live in a world where perimeter-based security is effective on its own anymore, although it is one part of an effective security strategy. Firewalls are definitely important, but today you have to have a multi-layered approach. Let’s discuss some common misconceptions:
- Compliance equals security – Many executives believe that a compliant organization equals a secure organization. They may think, “If I’m aligned with the ISO framework and compliant with regulations like PCI, SOX and GLBA, I must be secure, right?” Unfortunately, it’s not that easy. Companies that have been breached are often seen as negligent, and the government steps in with more calls to regulate. The pressure to comply with policy-based frameworks increases, and companies use those frameworks to help fund and drive improvements in security. While this is good, it teaches executives to aspire to a low bar. Just as passing a health inspection doesn’t guarantee that a restaurant will serve good food, compliance doesn’t guarantee security. It is a minimum requirement, and is not enough to protect an organization from the strategies and tactics being used by hackers today.
- Only a sophisticated hacker can breach your IT – High-profile cyber attacks are often thought to be sophisticated, but many are caused by attackers taking advantage of basic, often unnoticed security vulnerabilities or failures in IT operations. Additionally, the “bad guys,” whether they are nation states, cybercrime rings, or malicious insiders, are professionalizing and building success in attacking companies. They have developed an entire ecosystem, organizing around the steps they go through to break in and steal data, and buying and selling services to one another. If the malicious actor that has targeted your organization doesn’t have the skills they need to breach your network, they can easily go out and buy them.
CYBER SECURITY OPERATIONS CENTER
Here’s a simple, straightforward question: do you have a dedicated (company owned, staffed, and funded) Cyber Security Operations Center?
If you do, good for you. It’s not an easy decision to create, staff, and fund a dedicated company Cyber Security Operations Center. But if you don’t, you can still have the same 24/7 support functionality available by paying someone else to do it for you (at a much cheaper overall cost to your organization).
To learn more about what you can and should do to address your specific enterprise security requirements…and to learn what options may be a good fit for your needs…simply ask us at FreedomFire Communications.