Cyber crime is looming large. Organizations of all sizes and types are at risk, and even the most vigilant company can still take over 200 days to detect a breach, much less respond to it.
All this extra time is a welcome benefit to the hacker. They have ample opportunity to hide out with access to the network and move laterally, elevating privileges to get the information they need. Once they have it, they may hold it for ransom for financial gain or sell it to other criminals with more nefarious intent.
Many organizations understand the importance of cyber security, but if they aren’t sure if they even had a breach, how can they protect themselves?
Education and Awareness
People are always a top target in cyber security, but with the right tools and training, they can also be a strong asset. Cyberculture and awareness should be ingrained throughout your company culture to empower employees to detect and report suspicious activities and possible threats.
This does not mean they must become cyber security professionals, but rather that they should be aware of the common techniques attackers use to abuse their trust and steal their credentials.
Teach your employees to be vigilant online and identify and report suspicious applications. They should know not to click on ads or links from unknown sources, and why. The same goes for emails from unknown senders with hyperlinks or attachments. They should also be careful with what they share and do on insecure public networks.
Keeping employees on the front lines of cyber defense can help you identify a breach quickly and mitigate its effects. They can protect themselves personally as well, even extending security awareness to their family and friends.
Implement and Enforce Mobile App Security
Mobile apps may seem innocent, but they can pose a risk to your organization. Apps have access to or store a lot of sensitive data, including customer data, that needs to be protected.
Even if the app itself has security controls in place, the users should be responsible for their own activities and habits.
The risks of apps may include:
- Transmitting data without encryption
- Using inadequate authentication and authorization checks
- Leaking data that could be read by other malicious sources
You can limit the risks of mobile apps by taking some basic safety measures, such as limiting app permissions to only those necessary for its function, avoiding storing sensitive information on the app, and implementing certificate pinning. You should also have data security guidelines for mobile app use, such as not saving or reusing passwords.
Analyze Logs for Suspicious Activity
Security logs can be helpful for detecting and responding to a breach or other unusual activity. Make sure you analyze the security logs on a regular basis to identify any odd activities, such as logins or app launches that happen outside of normal business hours or a number of privileged accounts accessing the network at the same time.
If a breach does happen, these logs can be helpful forensically to determine the cause and implement new policies in the future.
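As an added illustration (not from the original article), the two checks described above can be run over login records with a short script. The log format, the 08:00 to 18:00 weekday business hours, and the threshold of three privileged accounts within five minutes are all assumptions chosen for the example.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): "timestamp user role"
SAMPLE_LOG = """\
2024-03-04T09:15:00 alice user
2024-03-04T10:02:00 svc_backup admin
2024-03-05T02:41:00 bob user
2024-03-06T14:00:00 root admin
2024-03-06T14:01:30 dbadmin admin
2024-03-06T14:03:10 svc_backup admin
2024-03-09T11:20:00 carol user
"""

BUSINESS_START, BUSINESS_END = 8, 18   # assumed business hours, local time
BURST_WINDOW = timedelta(minutes=5)    # assumed correlation window
BURST_THRESHOLD = 3                    # assumed number of distinct privileged accounts

def parse(log_text):
    """Yield (datetime, user, role) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except ValueError:
            continue

def off_hours_logins(events):
    """Logins on weekends or outside the assumed business hours."""
    return [(ts, user) for ts, user, _ in events
            if ts.weekday() >= 5 or not BUSINESS_START <= ts.hour < BUSINESS_END]

def privileged_bursts(events):
    """Windows in which several distinct privileged accounts log in close together."""
    admins = sorted((ts, user) for ts, user, role in events if role == "admin")
    bursts = []
    for i, (start, _) in enumerate(admins):
        users = {u for ts, u in admins[i:] if ts - start <= BURST_WINDOW}
        if len(users) >= BURST_THRESHOLD:
            bursts.append((start, sorted(users)))
    return bursts

if __name__ == "__main__":
    events = list(parse(SAMPLE_LOG))
    for ts, user in off_hours_logins(events):
        print(f"off-hours login: {user} at {ts}")
    for start, users in privileged_bursts(events):
        print(f"privileged burst from {start}: {', '.join(users)}")
```

In practice the thresholds should be tuned to your own baseline, since scheduled service accounts and on-call staff will otherwise generate routine alerts.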
Keep Systems Patched and Updated
Make sure systems are always patched and updated. This is not only important for fixing bugs and enhancing features, but it can also correct vulnerabilities that create ingress points for malicious hackers. Maintain your regular patches to prevent cyber criminals from exploiting these common gaps.
Use Strong Passwords
Weak or outdated passwords can be a risk for your organization. Train your employees to use strong passwords and change them regularly. Applications don’t have an alert system to warn users that their password is outdated or weak, but you can use an enterprise password vault to help employees maintain safe and secure passwords.
Pay Attention to Privileged Accounts
Employees with privileged access offer entry points for malicious hackers and the ability to elevate access to the network. Just one compromised account can allow the attacker to get the access they need and steal information or maintain persistent access. Identify all privileged accounts, avoid leaving privileges open, and revoke the rights as needed.
Don’t Allow the Installation of Unapproved or Untrusted Applications
Privileged access gives users the power to install and execute applications. Users can install or execute applications easily, and malicious hackers know this. They can then install ransomware or malware to infect the system and maintain persistent access. All it takes is the wrong link or download and the attacker can have what they need. Don’t allow employees to install untrusted applications.
Criminals, including malicious hackers, rely on predictability from their targets. If you have a routine, such as patches and updates that take place at the same time every month, the attacker may know that’s the best time to strike.
Be deceptive and unpredictable in your activities. Take an ad-hoc approach to keep the hacker guessing. Having unpredictable scans and patches also limits the amount of time the malicious hacker can hide out in the system, and by extension, limits the information they can access or steal.
Shore Up Your Cyber Security
Cyber crime is an ever-present threat to any organization. With cyber crime on the rise, organizations need to take a proactive approach to not only defend themselves but identify breaches when they occur to mitigate the damage.
Joseph Carson is a cybersecurity professional with more than 25 years of experience in enterprise security and infrastructure. Currently, Carson is the Chief Security Scientist & Advisory CISO at Delinea. He is an active member of the cybersecurity community and a Certified Information Systems Security Professional (CISSP). Carson is also a cybersecurity adviser to several governments, critical infrastructure organizations, and financial and transportation industries, and speaks at conferences globally.