No business is a bystander. Ensure you aren’t a victim, either.
You’re On The Front Line Already
Keeping your business as secure as attackers are active is a never-ending challenge. About 500 cybersecurity professionals surveyed (according to The Life and Times of Cybersecurity Professionals 2021) emphasized that there was a shortage of security skills before the shift to remote work. Since then, the problem has only intensified—many security teams are overloaded, critical positions are left open, and staff are burned out keeping their ships afloat in unpredictable waters (ISSA).
A survey by TechRepublic in 2017 made it even clearer how many businesses are underprepared for the “unexpected”—where 6 out of 10 admitted less than half of their employees could combat complex security problems. Teams and technology that could both succeed in the present and adapt for what’s around the corner were ‘proactive’ before, but are the only kind of business that can hold a sustainable competitive advantage now.
Cyber attack activity is increasing in and outside of Ukraine, and although the scope of attacks on major systems and critical infrastructure remain targeted primarily at Ukraine, we’re confident attackers wouldn’t turn down an opportunity elsewhere where the door was held open. Even if you “have security measures in place” already, we’re here to help you reconsider what constitutes enough—and how to know.
The Current State of Cyber Conflict
If you haven’t tested your team’s response to unplanned incidents—from disaster to targeted attack—you won’t know if your armor is suited to the battle its intended for. Systems that were optimal a year ago now have inherent gaps in security, compliance, and operational efficiency if they haven’t changed. For example, the increasingly widespread hybrid and remote workforce models have opened more corporate resources and sensitive data to Starbucks and home Wi-Fi networks than ever before.
In March this year (2022), the Department of Justice made public the details of a Russian hacking campaign that demonstrate the expansive potential for damage from just a few threat actors. Four Russian government employees, over six years (from 2012 to 2018), targeted thousands of computers across hundreds of companies and organizations in about 135 countries in the global energy sector.
These attacks targeted the software and hardware that control equipment in power generation facilities—called ICS or SCADA systems. The malware, known publicly as “Havex”, was hidden in legitimate software updates for the computer networks of these ICS and SCADA system manufacturers. The downloaded “updates” opened back doors and scanned the networks of these systems for additional devices to infect. Combined with:
- Spear Phishing,
- Watering Hole, and
- Trojan Horse
attacks, the conspirators installed malware on 17,000 devices in the United States and abroad. Deputy Attorney General Lisa O. Monaco responded that, although these revealed criminal charges reflect past activity, “they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant” (DoJ).
The Dangers That Will Draft You
While the scope of attack vectors spanning the digital landscape right now remains wide as ever, it’s important to identify the most likely you can expect, as well as evolving methods that may inspire or make way for even more.
-
Phishing
Because of its effectiveness in leveraging the vulnerability most challenging
to secure (humans), phishing attacks remain one of the most prevalent attack methods—linked to 90% of all data breaches—and the second most costly cause of breach (Tessian).
-
Browser-in-the-browser
A new phishing technique that presents itself in the form of a malicious
pop-up window, Browser-in-the-Browser (BITB), is surging because of its difficulty to distinguish—even for the aware—from a legitimate pop-up. Ever signed into your account using SSO (single sign-on) like this? You could be provided a malicious sign-on window spoofing a legitimate one, where you’d type your username and password right into the threat actor’s hands.
-
Ransomware
No longer do threat actors have to perform unique activities with their own
ransomware code to execute an attack. RaaS, or, Ransomware-as-a-Service,
is growing in popularity as a pay-for-use platform that delivers the operational infrastructure and ransomware code needed to launch strikes.
-
DDoS
According to Cloudflare, the first quarter of 2022 experienced “a massive
spike in application-layer DDoS attacks, but a decrease in the total number of network-layer DDoS attacks.” Despite this decrease, there was still a surge in volumetric DDoS attacks “by up to 645%.” With teams continuing to spread across more devices and in more locations to work, the need for protection against denial-of-service attacks is becoming increasingly urgent.
How to manage your risk and mitigate threats
Evaluate your security posture. Audits do more than just measure.
A comprehensive dive into the people, processes, and technology you have in place, and the various paths attacks can take to breach your network, freeze your operations, or expose your customers’ sensitive data is vital for an informed and secure digital transformation.
Typical audits fundamentally:
- Assess your risk
- Check your compliance
- Recommend solutions for proactive and reactive readiness
The audit you deserve:
- Identifies overspending in your stack that can be applied toward critical security gaps and other needed solutions
- Diagnoses the headache of your role and the friction in your systems and processes
- Upgrades aging solutions to enable scalability and adaptability, enabling you to pay only for what you need. Your resources in times of crisis are then maximized
This can be accomplished with a comprehensive technology and cybersecurity audit of your business. Services like NIST Audit as a Service are particularly convenient for businesses in regulated industries who need to quickly and transparently measure their compliance with industry standards and frameworks like HIPAA, NIST, and GDPR.
As is turns out, “51% of IT executives feel that their IT budgets are either somewhat inadequate or very inadequate to meet the needs of the business,” according to IT Spending & Staffing Benchmarks for 2021/2022 from Avasant Research. If you’re left wondering whether you have the adequate resources for comprehensive security and compliance, whomever you’ve been consulting has failed you.
Perhaps the time it takes to fully assess your position relative to your competition and to the threat landscape isn’t something you can afford with all you have on your plate as a technology or business leader for your organization—we get that. In our experience, we’ve found that that’s among the top reasons technology decision makers we speak with have enjoyed their audit experiences.
Have a response plan and test it.
Your continuity plan should prepare your ability to maintain business operations in the event of disruption. Your disaster recovery plan provides an additional safety net with detailed steps to recover from attack or outage or disaster, etc. Yet, a survey by IBM in 2018 releaved that 77% of respondents didn’t have formal cyber security incident response plans (CSIRP) applied consistently across their organization (TechRepublic). To add, only 31% had the proper budget in place to boost their security capabilities. While financial constraints aren’t wished away, there are fundamental security measures that will close critical gaps in your stack without breaking the bank.
Phish test your team and train them on cybersecurity awareness and proactive practices
This may be a practive you’ve already implemented for your business. Since then, have you been in contact with peer companies or vendors in your network about the evolving threats? Are you confident evolving malware strains and emerging attack vectors like Browser-in-the-Browser attacks still won’t compromise the human element of your cybersecurity defense?
Combining regular cyber hygiene practice with the appropriate basic solutions will greatly reduce your risk of breach or attack and will prepare your teams and your technology to continue to provide your customers value in the face of unplanned incidents:
MFA
Depending on how, when and where your team members might be attempting to access company data and applications, Multi Factor Authentication (MFA) can add a layer of verification to confirm they are who they say they are. A code can be sent to a pre-established trustworthy destination such as an email address, cell phone or USB key, or even a biometric device to vastly reduce the likelihood of cyber breach without breaking the bank or overcomplicating user access. Enabling MFA “makes you 99% less likely to get hacked,” according to Jen Easterly of CISA.
Password manager
With 15 billion leaked in 2020, credentials are proving potent vulnerabilities
to organizations of all sizes (Forbes). Strong and regularly updated passwords are key to protecting against data loss. Benefits like real-time password quality and compromise assessment and secure auto-fill functionality ease user experience so your team can stop rethinking ways to make their first pet’s name unhackable.
Secure remote access
A VPN is a must-have for users needing private and unrestricted internet access. This system allows users to access resources like sites and apps otherwise inaccessible from the public internet, with their sent and received traffic encrypted.
Data backup
Data backup solutions ensure your organization’s data is secure and accessible on-premise or off-site in the event of corruption or loss. Cloud-based remote storage and backup off-site are vital for continuity in the event an entire facility is compromised. Failback and failover automatically relocate data when the primary location is affected. The more time passes between backups or without a proactive solution prepared, the greater risk your business runs suffering.
The Takeaway
Every business is a target. Whether you wind up compromised or are never even touched, maintaining the attitude that prepares for the worst, and securing the corresponding applications in your stack and practices in your team will ensure the inevitable isn’t the undefeatable. A robust cybersecurity defense requires continuous strategic investment and multi-layered protection through both proactive and reactive solutions. Both human and technological sides of your organization must work together.
At the end of the day, the best start for your business is a comprehensive evaluation of the gaps in your security, the overspending in your budget, and the headache of your configuration.
Security & Compliance Zen with Blue Equinox
At Blue Equinox, we dive into all we talked about above and even far deeper. We get to know you, your business, your technology, and what keeps you up at night. We strategize several accordingly budgeted roadmaps for your business to maximize its security and compliance zen before we even ask you to pull out your wallet.
Your focus should be on your core competencies, not securing your data, your users, and your infrastructure. Find out how we make IT simple.
Also see: