With the cyber landscape constantly changing, your organization must be alert to today’s biggest threats and what’s on the horizon. You don’t want to face an uphill battle responding to a cyberattack when you could’ve taken proactive measures to keep your organization safe.
In a recent webinar, Steve Rutkovitz from Choice Cyber Solutions and I discussed the current trends that should be on your radar to protect your organization against an attack.
Below, we’ll explore key takeaways from this webinar, including best practices for building an IT security structure to reduce threats, how to keep up with the changing cyber landscape and building a culture of compliance and cyber security across your organization.
Maintain Your IT
We’ve seen many instances of businesses that let updating their systems fall by the wayside. They start off strong but over time, IT maintenance becomes less of a priority. Because the cyber landscape is rapidly shifting, outdated and neglected technology increases an organization’s risk exponentially and leaves them wide open to vulnerabilities and breaches.
One such business was a manufacturer hit with ransomware. They had outgrown their internal IT resource that was 10 years old and nowhere near equipped to protect against emerging cyber threats. In addition, they had a small budget, little security awareness training for their staff and didn’t factor in how IT impacts every area of the business.
Their outdated equipment and policies led to a remote desktop server being exposed and became the entry point for the ransomware attack. They had cyber insurance and were able to remediate, but it took upwards of six months to fully recover — an amount of time that some businesses couldn’t bounce back from.
Another client that fell victim to a ransomware attack was a logistics and distribution company. They had an individual in charge of their IT who took on the role but was not equipped with the proper training or expertise. They had an open web-based application that was breached and, without layers of protection, allowed bad actors entry into their servers.
While both of these clients had cyber insurance and were able to bounce back, having basic cyber security best practices in place would have saved them from being severely compromised, if at all.
Keep in mind that IT must be applied to every division of an organization. Do not silo cyber security to one department — it affects your whole organization, so everyone should have proper training and technology to guard against threats.
Have You Heard of RaaS?
Ransomware as a Service (RaaS) is one of the newer threats that your organization should be aware of. Like with Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS), RaaS uses the same subscription-based business model to grant ransomware tools those who want to compromise an organization and carry out an attack. It lowers the barrier into the cybercriminal world, allowing even the least experienced hacker to perform sophisticated cyberattacks.
80% of today’s ransomware attacks could be avoided by proper configuration of the services you’re using. The majority of these attacks are not using new techniques, but ones that are tried and true that target the end user to grant access for an attack to occur.
What You Should Do to Enhance Protection
Here are some steps you should take to make sure you’re safeguarded from potential threats.
- Perform regularly scheduled vulnerability assessments
- Classify data to categorize the level of security based on the types of data
- Apply the policy of least privilege and assign teams and staff access according to need
- Move toward a zero trust model that provides multiple layers of protection to stop a breach from gaining deeper access into your network
- Make sure you have a backup in place that is separate from where your data resides in case it becomes compromised
- Adopt true endpoint detection and response (EPDR)
- Centralize signal gathering and monitoring
- Implement security awareness training across your organization
- Enforce strong password rules
- Enable multi-factor authentication (MFA)
Be proactive by focusing on these actions to elevate your security so that you’re prepared in the event your organization is targeted.
How Much Does a Hack or Breach Cost?
Small business breaches cost between $120,000 and $1.24 million — a price that most small companies can’t afford if they fall victim. Costs don’t just coincide with the breach. Performing forensics, hiring attorneys or employing an IT firm for remediation all factor into the financial hit that comes as a result.
Ready for some not-so-fun facts?
- $4.35 million is the average cost of breaches worldwide across small and large businesses
- The largest uptick in the cost of cyberattacks has been seen in the healthcare sector
- The cost of cybercrime is expected to rise to $10.5 trillion worldwide by 2025
(Definitely not something you can turn a blind eye towards.)
The Current State of Cyber Security
There’s been an 81% increase in cyberattacks following the COVID-19 pandemic. This is the result of an increased number of devices being connected to systems, like smart devices. Additionally, office and workflow changes have contributed to security risks as more people work remotely and access networks from various locations.
Top Cyber Threats and Most Common Attacks
The top cyber threats that organizations are encountering today are:
- Phishing attacks
- Ransomware
- Malware
- Brute force attacks
- Insider threats
These are aligned with five of the most common threats experienced by clients of Choice Cyber Solutions and our Technology Solutions Group: cybersquatting, email hacks, spear phishing, ransomware and cryptojacking.
Cybersquatting involves someone acquiring an email domain and using it for malicious purposes. Domains similar to those of legitimate companies can be purchased at a low price and sent out to companies, mimicking a real company’s domain. By registering a domain nearly identical to your company, bad actors can more easily trick your staff into clicking a link or sending sensitive information.
Email hacks are becoming much more sophisticated. Even with MFA enabled, some hackers are able to acquire phone numbers through phishing emails to bypass the second authentication to access accounts.
Spear phishing is a more specific type of phishing. For example, if a hacker knows the name of a C-level person at a company and has a cybersquat on their email domain, they impersonate that individual when sending emails to other members of that organization and make requests for wire transfers or other sensitive information.
When it comes to ransomware, things are no longer as cut and dry as they used to be. Previously, organizations would get hit with ransomware, pay the ransom (which can be illegal) and get the code to access their data. Now, ransom amounts have skyrocketed to hundreds of thousands or millions of dollars, so there’s no way some organizations can afford to get their data back.
Cryptojacking is when an organization’s computer systems are hacked to mine cryptocurrencies and create new coins on the blockchain. Malware on the victim’s devices devotes processing power to cryptomining through either a web browser or a download.
Five Ways to Avoid a Phishing Attack
Should you receive an unexpected email, it could be a phishing attack. Follow these steps to determine if it’s legitimate:
- Identify the real sender
- Check the salutation
- Hover over links with your mouse (without clicking) to view the address and see if it looks suspicious
- Review the contents of the email footer
- When in doubt, delete the email
Taking these simple steps will keep you from letting in threats with devastating outcomes.
Building a Culture of Cyber Security and Compliance
Organizations that have made it a priority to establish cyber security and compliance best practices throughout their organization are exponentially better protected against potential threats and attacks. So, how can you integrate this into your company’s culture?
For starters, there’s a difference between security and compliance. Security is the state of being free from danger or a threat, whereas compliance is the act of obeying an order, rule or request. Security is in layers, so you can go above and beyond what’s required to be compliant to ensure you’re protected.
Three factors organizations need to account for include an in-house IT or outsourced managed services provider (MSP), security and compliance. A lot of times, costs to upkeep these factors are coming out of the same budget, which means many organizations must cut corners somewhere.
That’s why it is imperative that separate budgets be built out for IT and managed services, security and compliance. Compliance and security don’t just fall under one department. Every member of your organization needs to be trained on cyber security best practices, regardless of their job role. If compliance is devoted solely to the IT department, it is not a priority across the organization.
Most companies are under budgeting for cyber security, compliance and their IT or MSP. To make cyber security and compliance an integral part of your organization’s culture, you must dedicate the right resources across all your departments.
In the Event of a Breach
When your organization is practicing compliance, you have policies and procedures in place. This way, if a breach occurs, your team knows exactly what to do instead of doing what they think may be the right move. Everything is laid out upfront and employees have proper training, so an incident doesn’t get worse. This strengthens your culture of cyber security and compliance because everyone in your organization knows what to do when facing vulnerabilities.
Keep Business and Personal Information Separate
Make sure to enforce keeping personal information and accounts separate from business with your employees. Should your business experience a breach, this could be catastrophic for certain individuals who have information co-mingled (or vice versa). Instilling this in your company culture is a simple way to secure sensitive information, reduce vulnerabilities and increase security across your organization.
Next Steps to Enhance Your Security
Take action today to increase your organization’s cyber security with these next steps:
- Test backups regularly for your organization’s devices so you know they work properly if needed
- Separate your business and personal information where possible and never use the same passwords for business and personal resources
- Set up MFA for all applications, especially ones that house sensitive information
- Use a secure password management software to store, share and protect your logins
- Schedule a risk assessment to identify vulnerabilities hidden in your network and what’s holding you back from meeting compliance requirements
Need Help?
Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a cyber security risk assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.