By Isaac Kohen, VP of R&D at Teramind, provider of behavior analytics, business intelligence and data loss prevention (“DLP”) for enterprises.
Cybersecurity is a big, expensive deal for every company. Whether you’re leading a global corporation or a small or midsize business, or SMB, cyber threats are always close at hand.
Most people understand the immediate financial risk of a cyber-attack or data breach. The staggeringly high numbers are frequently plastered on front-page headlines, making it abundantly clear what’s at stake. According to the most recent industry data, companies can expect to spend more than $4 million recovering from a data breach, a substantial price that seems to go up yearly.
Of course, the repercussions go far beyond just immediate monetary costs. Reputation damage, which is difficult to quantify, negatively impacts everything from brand loyalty to future customer acquisition. At the same time, opportunity costs from a cybersecurity incident further increase the expense for companies.
That’s why it’s worth asking the question again: “Is your company cyber-secure?” The answer is essential, so here is a readiness checklist for today’s top threats to help answer this question accurately.
1. Employees can identify and defend against increasingly sophisticated phishing scams and social engineering attacks.
Threat actors send more than 3 billion phishing emails every day. While many are unconvincing, ineffective or blocked by spam filters, some will arrive in employees’ inboxes where unsuspecting or unprepared employees may provide cybercriminals front-door access to company data or IT infrastructure.
Collectively, phishing is the most common cause of a data breach, and malicious messages are becoming more difficult to detect. Many phishing emails no longer contain the egregious spelling or syntax errors that were once tell-tale signs of fraud. Instead, cybercriminals are leveraging billions of compromised records to craft convincing, authentic-looking messages that put companies at risk.
In addition, threat actors are expanding their efforts beyond email, targeting people with SMS messages—known as smishing—and other methods, requiring companies to better prepare employees to respond.
Fortunately, phishing scam awareness training works. When coupled with digital accountability measures that ensure people are following cybersecurity best practices, like enabling two-factor authentication and using strong, unique passwords for all accounts, companies can be confident that a single email won’t cause a significant cybersecurity incident.
2. A ransomware response plan is in place and practiced.
In 2022, it’s simply inexcusable for companies to operate without a ransomware response plan. Threat actors are leveraging this uniquely disruptive moment, capitalizing on pandemic-related uncertainty, geopolitical conflict and economic turmoil to enact devastating ransomware attacks on government agencies, healthcare facilities, financial services firms and SMBs.
In response, companies should continue investing in cybersecurity technologies while recognizing that the human element is often the culprit. For instance, the top causes of ransomware infection include:
• phishing emails
• poor use practices
• lack of cybersecurity training
• weak passwords
Each of these security elements can be combated by recognizing that insiders play an important part in a company’s defensive posture and providing the needed training and accountability to support their professional development in this area.
If a ransomware attack occurs, companies need to know how they will respond. You need a clear chain of command, response actions, communication protocols and other standards that can mitigate the impact of a successful attack.
3. Insider threats are recognized and accounted for.
Insider threats—people with legitimate access to a company’s IT infrastructure and data—including employees, contractors and trusted third parties, can be a significant cybersecurity vulnerability
Often overlooked because of their insider status, these threats too often go undetected and undeterred until it’s too late. Companies need to activate human intelligence to account for insider threats, equipping all stakeholders to report potentially problematic behavior to an established and communicated chain of command.
At the same time, companies should leverage software solutions that can detect and prevent insider threats by identifying anomalous behavior and alerting company leaders or cybersecurity teams. Specifically, companies should consider software (full disclosure: my company offers this software) that provides:
• endpoint monitoring
• user and entity behavior analytics
• user activity monitoring
By combining human intelligence and software solutions, companies are positioned to detect, investigate and prevent malicious or accidental insiders from compromising cybersecurity.
4. Cloud infrastructure is secure and maintained.
Most companies rely on cloud infrastructure to host all or part of their digital offerings. Cloud platforms provide companies with affordable, reliable features and services that meet consumer demand.
They also must be appropriately secured and maintained to be effective. According to VentureBeat, more than one-third of organizations have suffered a cloud leak or breach in the past year. While cloud providers are often responsible for infrastructure upkeep, companies are charged with the application layer. Simple oversights, like forgetting to set a password, can lead to a serious cybersecurity incident.
In other words, cloud infrastructure can’t be a “set it and forget it” business element. It must be carefully secured and rigorously maintained to be an asset rather than a vulnerability.
Are you cyber-secure?
Few things are as important to today’s companies as their cyber-readiness. Cyber-secure companies are more competitive, resilient and sustainable than their unprepared counterparts. Right now, many are failing at this critical priority.
Don’t just assume that your organization’s status quo is good enough. Really ask the question, “Is my company actually cyber-secure?” If not, now is the right time to take action.