Danny Lopez, CEO at Glasswall explains the importance of being cyber smart and why businesses should make a conscious effort to refresh their cyber hygiene regularly.
In the first half of 2021 alone there was a 93% increase in ransomware attacks compared to the same period in 2020. Ransomware demands are also reaching new highs, as the average ransom payment has risen to US$570,000, an 82% increase since last year. Given these challenges, it’s vital that businesses don’t become complacent with their security and instead, look for ways to raise standards across the board.
At the heart of every healthy security strategy is the need for effective cyber hygiene. This is the process whereby organizations constantly monitor and review issues like hardware and software upgrades, passwords, and device encryption, as well as backups and user training. While this may represent some of the most basic steps available to increase security, it’s also an area relied on by cybercriminals as they seek to exploit gaps in cyber hygiene to mount successful attacks.
Indeed, the impact of ineffective cyber hygiene can be catastrophic. Take the infamous SolarWinds attack, for example, which involved a huge range of companies, organizations and government departments. Better cyber hygiene – especially, separating some SolarWinds servers from outbound internet traffic – may have helped avert the supply chain assault, according to the Cybersecurity and Infrastructure Security Agency.
Taking employees off the cybersecurity’ front line’
Many businesses regard cyber hygiene as an issue that primarily impacts their employees, and view them as the first and primary line of defence against attack. As a result, they place an excessive amount of emphasis on ‘box ticking’ training, thinking that this is the most likely to reduce the possibilities of a successful breach. In this context, users are given a set of rules and processes to follow that can have a positive impact on security, but assume that people will remember everything they have been taught and never make mistakes.
While promoting some kind of cyber hygiene is always a good idea, attackers are increasingly relying on predictable human behavior to increase their chances of success. In particular, it’s important to understand that minds may be ‘hacked’, and many of our most common characteristics, such as curiosity, trustworthiness, and even propensity to accept routine, might make us unwitting participants in a game that is massively stacked against us.
This helps explain why phishing has been at the top of the list for the past two years as the most common breach tactic – last year alone, 75% of organizations throughout the world were on the receiving end of a phishing effort. But, instead of forcing users onto the front line of cybersecurity defence and being given the option of making an imprudent decision, we need to eliminate dangers from the equation.
Disarming file-based threats
For instance, file-based threats are now a ubiquitous problem. It’s a particularly difficult cyber hygiene issue to address because many users are quite happy to open a file or document that looks to be from a trustworthy source, even though it might have been designed by cybercriminals to look completely authentic.
Adding to the problem is that file-based attacks are increasingly sophisticated, well designed and effective. But, as soon as the user opens the file, systems and data are at serious risk of malware infection, ransomware attack or a range of other potentially serious security issues. Technology plays an important role in addressing this problem, but traditional reactive detection-based security solutions, such as antivirus and sandboxing, can’t keep up with the growing volume of attacks.
To remove users from the front line, however, an approach known as Content Disarm and Reconstruction (CDR) intercepts each email-based file before users can open them and rebuilds them to a “known good” security standard proactively and instantly. This ensures that consumers receive secure, clean files that have been rebuilt to the manufacturer’s stated specification, eradicating any potential hiding spots for malware.
To put this in perspective, around one out of every 100,000 files contains dangerous material, with 97% of that content being unknown to anti-virus solutions when it is deleted by CDR solutions. Furthermore, it takes an average of 18 days for detection-based anti-virus programmes to discover this harmful information after it has been removed.
On the other hand, sandboxing exposes enterprises to sophisticated malware and impairs commercial productivity. When organizations are sending and receiving thousands or even millions of files every day, the limitations of traditional cyber hygiene become all too apparent.
- Overcoming SaaS chaos: how to pave the way for the future of work
- Many organizations get cloud migration wrong. Here’s how to get it right
- Wealth management industry leads way with AI technologies
- Founder Feature: Neil Purcell, founder and CEO, Talent Works
For many organizations, their approach to cyber hygiene needs a refresh. In the face of cleverly designed attacks, asking employees to assess and defeat every risk they encounter is increasingly unrealistic and dangerous. Instead, those organizations that can blend best practice processes and training with proactive security technologies will be ideally placed to meet security challenges in the years to come.