Protecting your business against cyber security threats – People, Process & Technology
The need for organisations to be cyber-resilient against cyber security threats arises not only because of evolving and proliferating external threats, but also because of the way our workplaces have changed over the years. While connectivity and the Internet bring huge benefits to our workplace (and lives), they represent a viable target for malicious actors.
Shifts in the way people work and enjoy leisure, as well as the need to always stay connected through technologies, have increased points of vulnerability. Every single connection between a network and an Internet-enabled device, system or network can represent a potential security threat.
Attacks are on the rise
Exploiting technological flaws to gain access to systems is no longer the primary approach for online attackers. Instead, human weakness is being exploited to gain unauthorised access to emails and applications. Social engineering and “Business Email Compromise” attacks that infiltrate corporate email systems to impersonate senior executives are key techniques for exploiting such weakness. Businesses are increasingly looking to machine learning security software solutions to counter these attacks and strengthen their networks and endpoint devices without adding complexity or reducing end-user performance.
“Traditional methods of spotting spoof emails can fail to detect these security threats and attacks, which is where machine learning plays a key role in identifying suspicious activity from seemingly legitimate sources”, says Garth Sperring – Nexon’s Practice Lead for Network and Security. To complement this, business leaders must also educate their staff with the right skills to identify potentially harmful emails or scams and have processes in place to investigate and remediate.
Security for the modern workplace
Rather than only focusing on perimeter or endpoint security, robust security solutions require multiple layers of defense to ensure complete protection. With the popularity of cloud services and highly distributed environments, corporate users are using multiple devices across multiple networks and are no longer behind traditional firewalls, thus increasing their susceptibility to potential attacks. Remote and branch offices need the same level of protection as central locations as hackers know precisely just how vulnerable roaming users are.
Traditional I.T. infrastructure, accessed via a private corporate WAN or centralised VPN, was built with users accessing services from behind a corporate firewall in mind – not modern branch offices and roaming users. As networks become decentralised and organisations migrate from WAN to SD-WAN solutions, there needs to be a review of security posture to cover a range of internal applications, cloud-based workloads and SaaS applications.
Security for multi-cloud environments
As the number of devices per employee increases in the workforce, so does the likelihood of the use of unauthorised apps. As more employees work on-the-go, popular cloud-based apps can be easier to use and more convenient than some IT-approved apps. While employees are only trying to increase their productivity, the reality is that they may be exposing company data and increasing the risk of breaches. This needs to be addressed by monitoring usage of devices and by offering alternatives through improved corporate tools and communication across teams.
The size of the organisation does not matter either. Both large enterprises and small businesses are targeted just the same. The latter should not operate under the belief that sophisticated attacks are only the concern of large enterprises and that they have no need for a robust security solution and strategy. They are often viewed as “soft targets”, not just because they tend to employ weaker defenses, but also because they are less likely to identify and appreciate the severity of the threat.
Real-time visibility and control of all business systems is important in order to add context and correlate events so that defences can be coordinated. This allows for pre-emptive, rather than reactive, actions to thwart an attack, such as automatically enabling two-factor authentication when suspicious behavior is detected. An example of a common suspicious behavior that could trigger this response is where a specific user logs into systems from multiple locations simultaneously, appearing to be in two places at the same time.
“Security is not a one-off project, not just a box to tick on a checklist, it needs to be continuous and it needs to be holistic,” Sperring says. “It’s not just about bolstering your cyber defences against cyber security threats; it’s about fostering cyber resilience, so you’re better equipped to defend against attacks and also to weather the storm if they do hit their mark.”