Remember back when you weren’t as worried about locking your house up at night? When you didn’t set a security alarm when you left for the day?
Those ‘old days’ of not having to worry much about your possessions seem to have faded into the past. While I’m not an expert on home invasion statistics, I can certainly say criminals are finding more and more ways to exploit your technology to either steal what you value or hold it for ransom.
Their main target? Your business.
I’m not going to sound any alarms today because I know you already are aware—at least at some level—of some of the threats to your business data. You’ve seen the news about another data breach or ransomware attack, costing in some instances your entire net worth or more for a recovery effort.
I’m sure you’re thinking about annual planning for next year and hopefully you’re budgeting some effort towards making sure your network and your team are secure.
The problem? Cybersecurity does not run on your calendar.
In cybersecurity, twelve months is a lifetime.
Think back to that flip phone that you might have carried around back in the ’90s and early 2000s. Would you ever think of using something like that again? Probably not. It’s just not good enough compared to the brand new shiny iPhones or Androids out on the market today. That flip phone couldn’t do a tenth of what you expect a phone to do today.
Technology moves too fast to hold on to old technology—and that is especially true with cybersecurity.
Cybersecurity cannot always wait for your annual planning meeting.
Now don’t get me wrong—having an annual meeting to reassess what’s working and what’s not and figuring out where you’re going next year is important. And today it’s more critical than ever to include cybersecurity in your discussions.
But malicious actors are constantly on the move, updating their tactics to bypass your security measures. Waiting 12 months to respond, test or update your strategy might not do enough to keep you safe from an attack.
How to get security that actually makes sense for 2020?
In terms of prioritizing your objectives, remember what’s important to you, your team and your organization. Realize that there are different paths to get into your network and into sensitive information it stores.
Your IT team should help you understand what these paths look like and make you feel comfortable that they are addressing the many ways that a hacker may gain a foothold onto your network.
Here are the three primary areas that security experts are currently focused on.
Domain Name Systems
You can think of Domain Name Systems (DNS) as the phone book of the internet. Without DNS, everything reverts to an archaic process where you are typing in the actual IP address associated with a website URL (just as you would have had to remember all of your contacts’ phone numbers with an old flip phone). DNS has made the internet pretty easy to use.
The problem with DNS? It is unencrypted and easily exploited in some of the latest hacking tactics. You see, hackers are creating fake addresses, spoofing real websites and stealing critical data that you or your users might put into web forms or transmit to these web pages. Attackers are also making strange requests from your network.
Prepared organizations are monitoring their DNS queries to look for suspicious activity, rejecting odd requests or traffic from suspicious locations (say Russia or China).
I’m sure you’re already thinking about your users clicking on a link as being a big liability. The good news is that you should be able to identify what typical behavior looks like for each of your departments and what information would be reasonable for members on your team to access.
For instance, if your marketing team starts accessing your financial data and you are monitoring your network traffic, you might be alerted to the suspicious activity immediately and can investigate what is going on.
Phishing attacks are turning out to be one of the biggest (and easiest) ways criminals are hacking into your organization. In fact, nearly 20% of organizations that have experienced a major cyberattack in the past year have found that it started through a phishing email.
On top of that, phishing accounts for over 90% of data breaches in 2019—an increase from 65% in 2018.
By monitoring your users’ behavior, you can figure out which machines may be compromised during an attack. Your security team should be able to react to a phishing attack by looking at a user’s footprint on your network and evaluating traffic patterns and activity of that user. This allows for your security team to build a list of suspected machines and temporarily remove specific devices from your network that may be infected with malware.
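The department baseline and the list of suspected machines described above can be sketched in a few lines. This is an added example, not code from the original article; the record layout, user names, machine names and resource categories are all constructed for illustration.

```python
from collections import defaultdict

# Constructed records: (user, department, machine, resource_category)
BASELINE_LOG = [
    ("alice", "marketing", "MKT-LT-01", "campaign-assets"),
    ("alice", "marketing", "MKT-LT-01", "crm"),
    ("bob", "marketing", "MKT-LT-02", "crm"),
    ("carol", "finance", "FIN-PC-01", "financial-data"),
    ("carol", "finance", "FIN-PC-01", "payroll"),
]
TODAY_LOG = [
    ("alice", "marketing", "MKT-LT-01", "crm"),
    ("bob", "marketing", "MKT-LT-02", "financial-data"),
    ("bob", "marketing", "MKT-LT-02", "payroll"),
    ("carol", "finance", "FIN-PC-01", "financial-data"),
    ("erin", "sales", "SLS-LT-07", "crm"),
]

def build_baseline(records):
    """Map each department to the resource categories it normally uses."""
    baseline = defaultdict(set)
    for _user, dept, _machine, resource in records:
        baseline[dept].add(resource)
    return dict(baseline)

def find_deviations(baseline, records):
    """Return records that fall outside the department's baseline.
    A department with no baseline is flagged, not silently trusted."""
    alerts = []
    for user, dept, machine, resource in records:
        known = baseline.get(dept)
        if known is None:
            alerts.append((user, dept, machine, resource, "no baseline"))
        elif resource not in known:
            alerts.append((user, dept, machine, resource, "outside baseline"))
    return alerts

def suspected_machines(alerts):
    """Machines to review or temporarily isolate, most deviations first."""
    hits = defaultdict(int)
    for _user, _dept, machine, _resource, _reason in alerts:
        hits[machine] += 1
    return [m for m, _n in sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))]

if __name__ == "__main__":
    alerts = find_deviations(build_baseline(BASELINE_LOG), TODAY_LOG)
    for alert in alerts:
        print(alert)
    print("Review first:", suspected_machines(alerts))
```

In practice the baseline would be built from weeks of real access or traffic logs, and an alert is a prompt to investigate the user and machine, not proof of compromise.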
You have a lot of information on your network that you might not be using effectively today. Much of the data that you will probably want to return to regularly can be found in a network security assessment, which gives you a baseline of what’s working and what’s not visible today.
Your goal in planning for next year should include agile responses to security, baseline monitoring of what’s coming and going from your network and continued education as to how to keep your team safe.