This year’s Cyber Security Awareness Month focuses on the human element of the conversation, with the theme being ‘Do your part. #BeCyberSmart’. When it comes to cyber security, it’s not just the responsibility of the IT team – every person in an organisation has a part to play.
It can be difficult, though, to ensure everyone in a business is cyber-smart, especially with the added concerns and vulnerabilities associated with remote working thanks to the ongoing pandemic this year. To help organisations focus on the most important things they should be doing in order to #BeCyberSmart, seven IT security experts have come together to give their six top tips to businesses.
1) Equip the business with the proper security tools
Raif Mehmet, VP EMEA, Bitglass, begins by explaining that, “in recent years there has been a major shift in the way businesses conduct their operations and how employees do their work. And then in recent months… the shift from office-based to home-based work, combined with a lack of adequate forward planning, has been a painful transition for many.”
Mehmet goes on to discuss the impact remote working has had on organisations, and the technologies that should be implemented:
“Before the start of the year, the prospect of a fully remote workforce seemed far-fetched for the majority of organisations. According to research, only 29 percent of respondents claimed they were fully prepared for remote working when the pandemic hit. From a security perspective the picture is concerning, with 70 percent stating they were either moderately prepared or not prepared at all. Today, across many organisations, corporate culture has changed dramatically. Many people now access, share, and store data in a variety of ways, using diverse services and devices. For this reason, it is now more important than ever for organisations to prioritise security and be cyber aware.
“With the shift to remote working shaping to be long term, businesses can no longer afford to improvise when it comes to data protection. Instead, organisations must invest time and resources into finding appropriate security solutions that are capable of securing data in a remote environment. Fortunately, there’s a wide range of highly effective products and solutions like cloud access security brokers (CASB), and user and entity behaviour analytics (UEBA) that can quickly provide visibility and control, no matter how geographically dispersed a workforce is.
“This Cybersecurity Awareness Month should act as a reminder for organisations to equip themselves with the proper tools to avoid data leakage and other security risks.”
2) Educate and train your employees
Remote working also brings with it the risk of not having a clear view of what exactly your employees are doing on a daily basis. Don Mowbray, EMEA RVP, Tech & Dev at Skillsoft, comments that, “in the post-pandemic world, with a majority of employees working from home, the attack vector has changed. These employees are now the most vulnerable part of an organisation’s cyber-defence, with the possibility of social engineering, ransomware and other attacks targeting remote workers.”
The key to tackling this is to educate and train employees as to how to stay safe while working remotely.
“While no preparation can reduce the risk of a breach completely, a core focus on developing your employees’ knowledge, skills and awareness can significantly mitigate the risk of succumbing to an attack,” explains Mowbray. “Whether it’s enabling IT and security teams to keep pace with evolving threats and defence measures or increasing awareness of phishing tactics for even the most junior of employees, training needs to be comprehensive, ongoing and regularly reinforced for every employee.”
Andy Collins, Head of Security at Node4, agrees with Mowbray, elaborating on the notion of increasing awareness of phishing tactics. “The core of any strong security program,” Collins explains, “is employees staying mindful of how even the most minor action might be protecting their organisation or opening it up to the risk of attack.
“One of the most effective ways to prepare employees for an inevitable phishing attack is with non-destructive phishing campaigns – simulated campaigns that track and analyse behaviours to give you a clear understanding of how to fill employees’ awareness gaps. Analysing specific individuals or departments with selective spear-phishing testing means you can target training more effectively, from a department level right down to an individual member of staff. The key is consistency of training. As the saying goes: teach your employees how to phish and you can protect them for a lifetime.”
3) Identify and eradicate insider threats
A further impact of a remote workforce can be the danger of an insider threat. Orion Cassetto, Director of Product Marketing, Exabeam, explains that “it is critical for businesses to recognise that this form of threat from legitimate users has always been more elusive and harder to detect or prevent than traditional external threats. Additionally, while the most common insider threats are not usually motivated by malicious intent, and the damage they cause is unintentional, it is no less ominous to business viability.
“Given those known factors, irregular behaviour detected at the system or network level can be an indicator of an insider threat. There are numerous indicators for insider threats, and knowing how to recognise the signals and keep track of dispersed or remote working employees is a major part of prevention and protection to the enterprise.
“A combination of training, organisational alignment, and technology is the right approach. Specifically, behavioural analytics technology that tracks, collects and analyses user and machine data to detect threats within an organisation is essential. This advanced technology determines anomalous from normal behaviours. This is typically done by collecting data over a period of time to understand what normal user behaviour looks like, then flagging behaviour that does not fit that pattern. It can often spot unusual online behaviours – credential abuse, unusual access patterns, large data uploads – that are telltale signs of insider threats. More importantly, it can often spot these unusual behaviours among compromised insiders long before criminals have gained access to critical systems.”
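The baseline-then-flag approach Cassetto describes can be shown in a few dozen lines. The following is an added illustration, not Exabeam's code or any vendor's product logic: it learns each user's normal working hours, the systems they touch and their typical upload size from a baseline window of constructed events, then reports later events that fall outside that pattern (off-hours logins, never-seen resources, unusually large uploads, or accounts with no baseline at all). The usernames, hosts and timestamps are all made up for the example.

```python
# Added example (not Exabeam's code): a minimal UEBA-style detector that learns
# each user's "normal" from a baseline window and flags later events that
# deviate from it. All events below are constructed sample data.
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime
from statistics import mean, pstdev


@dataclass(frozen=True)
class Event:
    user: str
    ts: datetime
    action: str      # "login", "access" or "upload"
    resource: str    # system touched (share, app, VPN gateway)
    bytes_out: int   # bytes sent for uploads, 0 otherwise


@dataclass
class Baseline:
    hours: set          # hours of day the user is normally active
    resources: set      # systems the user has been seen touching
    upload_mean: float  # typical upload size
    upload_std: float   # spread of upload sizes


def build_baselines(events):
    """Learn per-user normal behaviour from the baseline window."""
    per_user = defaultdict(list)
    for e in events:
        per_user[e.user].append(e)
    baselines = {}
    for user, evs in per_user.items():
        uploads = [e.bytes_out for e in evs if e.action == "upload"] or [0]
        baselines[user] = Baseline(
            hours={e.ts.hour for e in evs},
            resources={e.resource for e in evs},
            upload_mean=mean(uploads),
            upload_std=pstdev(uploads),
        )
    return baselines


def _hour_distance(h, hours):
    # distance on a 24h clock to the nearest hour the user is normally active
    return min(min(abs(h - b), 24 - abs(h - b)) for b in hours)


def explain(event, baselines, hour_slack=1, sigma=3.0):
    """Return the reasons an event deviates from its user's baseline (empty if none)."""
    b = baselines.get(event.user)
    if b is None:
        return ["no_baseline"]  # account never seen during the baseline window
    reasons = []
    if _hour_distance(event.ts.hour, b.hours) > hour_slack:
        reasons.append("unusual_hour")
    if event.resource not in b.resources:
        reasons.append("new_resource")
    if event.action == "upload":
        # floor the spread so a perfectly regular baseline does not alert on noise
        spread = max(b.upload_std, 0.1 * b.upload_mean)
        if event.bytes_out > b.upload_mean + sigma * spread:
            reasons.append("large_upload")
    return reasons


def detect(events, baselines):
    """Return [(event, reasons)] for every event that deviates from baseline."""
    return [(e, r) for e in events if (r := explain(e, baselines))]


def _ev(user, when, action, resource, bytes_out=0):
    return Event(user, datetime.fromisoformat(when), action, resource, bytes_out)


# Constructed baseline week: alice works office hours on the file share and CRM,
# bob only uses the CRM in the afternoon.
BASELINE_WINDOW = [
    _ev("alice", "2020-09-14T09:02", "login", "vpn"),
    _ev("alice", "2020-09-14T11:10", "upload", "fileshare", 4_000_000),
    _ev("alice", "2020-09-15T14:20", "access", "crm"),
    _ev("alice", "2020-09-16T16:45", "upload", "fileshare", 5_000_000),
    _ev("alice", "2020-09-17T09:15", "upload", "fileshare", 6_000_000),
    _ev("alice", "2020-09-18T11:30", "upload", "fileshare", 5_000_000),
    _ev("bob", "2020-09-14T14:00", "login", "vpn"),
    _ev("bob", "2020-09-15T14:30", "access", "crm"),
]

# Constructed detection window: normal activity plus three deviations for alice
# and an account that never appeared in the baseline.
DETECTION_WINDOW = [
    _ev("alice", "2020-09-28T03:12", "login", "vpn"),                     # 3am login
    _ev("alice", "2020-09-28T10:05", "upload", "fileshare", 250_000_000), # bulk upload
    _ev("alice", "2020-09-28T11:00", "upload", "fileshare", 6_500_000),   # normal
    _ev("alice", "2020-09-28T15:30", "access", "hr-db"),                  # never touched before
    _ev("bob", "2020-09-28T14:00", "access", "crm"),                      # normal
    _ev("carol", "2020-09-28T13:00", "access", "crm"),                    # no baseline
]

if __name__ == "__main__":
    for event, reasons in detect(DETECTION_WINDOW, build_baselines(BASELINE_WINDOW)):
        print(f"{event.ts:%Y-%m-%d %H:%M} {event.user:<6} {event.action:<7} "
              f"{event.resource:<10} {', '.join(reasons)}")
```

Running it flags alice's 03:12 login, the 250 MB upload and the first-ever `hr-db` access, plus carol's activity for having no baseline, while the ordinary 6.5 MB upload and bob's CRM use pass silently. The thresholds (`hour_slack`, `sigma`) and the one-week baseline are deliberately small for the example; a production system learns over weeks, per role and per peer group, and scores rather than hard-flags, but the shape of the logic is the same.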
4) Keep IT systems up-to-date
Another essential tip for organisations is to ensure that all key IT systems, whether they are on-premises or remote, are kept up-to-date. Tim Bandos, VP Cyber Security, Digital Guardian, elaborates: “Regularly reviewing system settings and disabling unnecessary services that may leave them open to attack is crucial. It is also absolutely essential that IT systems are constantly updated and free from known vulnerabilities. Whilst data protection solutions can help prevent data loss, successful security programs also require proactive training around employee awareness and their ability to comply. This includes educating remote workers about attacks via SMS and smartphone apps, teaching them to make informed decisions around the use and protection of data. This shifts the focus towards identifying, controlling and securing data, which will ultimately decrease threat risk – and hopefully the need to admit you should have known better.”
5) Consider SaaS options for higher levels of resilience
Ensuring all data is protected is also an essential part of being cyber secure, especially if a lot of your organisation’s data lives in the cloud. Mark Jow, Vice President – Technical Services EMEA at Commvault, explains that, “cybersecurity doesn’t become someone else’s problem when you migrate your data to the cloud. While some cloud providers will support this, ultimately the onus is still on each individual organisation to ensure that sufficient security and data protection measures are in place, which will often require third-party services. This year we’ve seen the number of ransomware attacks soar during the pandemic, with a recent threat landscape report finding that global ransomware reports increased by a staggering 715% year on year.
“As the risk of cyberattacks increases, ensuring an air-gapped and immutable copy of your data exists is now more important than ever. While the traditional 3-2-1 backup strategy is commonplace, to prevent today’s cyberthreats, businesses should consider newer SaaS options that can provide much higher levels of protection and resilience, whether your data sits in the cloud, in your datacentre or on the laptops and desktops of your home- or field-based employees. Data is the lifeblood of businesses and in a time when keeping customers on board is harder than ever for many, it’s crucial that IT teams have the solutions in place that can ensure business and customer data is kept secure, and customer loyalty is kept intact.”
6) Embrace data science and real-time vulnerability intelligence
Finally, Stephen Roostan, VP EMEA at Kenna Security, encourages organisations to also look to data science to help identify security vulnerabilities in a business. Roostan comments: “As in life, some IT security teams will win, others will struggle. From first-hand experience I know that the teams that have embraced data science, real-time vulnerability intelligence and automation will likely be the winners. The reason is simple: it enables them to cut through the noise and understand which vulnerabilities pose the biggest threat to their business. They can then create a prioritised and efficient approach to fixing the most important problems first, which frees up precious resources to address other IT issues, reducing some of the pressure put on the team.”
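To make the "fix the most important problems first" idea concrete, here is an added example of a simple risk-based prioritiser. It is not Kenna Security's model or anyone else's product scoring; it combines a finding's severity with whether exploitation is actually being observed (the sort of signal a real-time vulnerability intelligence feed supplies, assumed here as a boolean input), whether the asset is internet-facing, how critical the asset is, and how many assets are affected. The findings are constructed, and the `VULN-*` identifiers are placeholders rather than real CVE numbers.

```python
# Added example (not Kenna Security's code): rank findings by business risk rather
# than raw severity. Findings are constructed; VULN-* ids are placeholders.
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    vuln_id: str
    cvss: float              # base severity score, 0-10
    exploited_in_wild: bool  # active exploitation seen (assumed intel-feed input)
    public_exploit: bool     # working exploit code is publicly available
    internet_facing: bool    # asset reachable from the internet
    asset_tier: str          # "crown_jewel", "business" or "dev"
    asset_count: int         # number of affected assets


# Relative weights are illustrative; a real programme tunes them to its own estate.
ASSET_WEIGHT = {"crown_jewel": 3.0, "business": 2.0, "dev": 1.0}


def risk_score(f: Finding) -> float:
    """Combine severity, exploit intelligence, exposure and blast radius into one number."""
    severity = f.cvss / 10.0
    if f.exploited_in_wild:
        intel = 3.0          # attackers are using it now: strongest signal
    elif f.public_exploit:
        intel = 2.0          # easy for them to start
    else:
        intel = 1.0          # no known exploitation: severity alone
    exposure = 1.5 if f.internet_facing else 1.0
    # blast radius grows slowly with asset count: 1 asset = 1.0, 10 = 1.5, 100 = 2.0
    reach = 1.0 + 0.5 * math.log10(max(f.asset_count, 1))
    return severity * intel * exposure * ASSET_WEIGHT[f.asset_tier] * reach


def prioritise(findings, top_n=None):
    """Return findings in descending risk order, optionally cut to a fix budget."""
    ranked = sorted(findings, key=risk_score, reverse=True)
    return ranked[:top_n] if top_n else ranked


# Constructed backlog: note the critical-severity finding on internal dev boxes
# with no known exploitation, versus a high-but-not-critical one being exploited
# on an internet-facing crown jewel.
FINDINGS = [
    Finding("VULN-001", 9.8, False, False, False, "dev", 400),
    Finding("VULN-002", 7.5, True, True, True, "crown_jewel", 3),
    Finding("VULN-003", 5.3, False, True, True, "business", 20),
    Finding("VULN-004", 9.1, False, False, False, "crown_jewel", 2),
    Finding("VULN-005", 4.0, True, False, False, "business", 50),
]

if __name__ == "__main__":
    for f in prioritise(FINDINGS):
        print(f"{f.vuln_id}  cvss={f.cvss:<4} risk={risk_score(f):6.2f}  "
              f"{'exploited' if f.exploited_in_wild else 'no-exploit':<10} "
              f"{f.asset_tier:<12} {f.asset_count} assets")
```

Sorting by CVSS alone would put `VULN-001` (9.8) at the top of the queue; the risk score puts `VULN-002` first and `VULN-001` last, because an actively exploited flaw on an internet-facing crown jewel is the one most likely to cost the business something this week. `prioritise(FINDINGS, top_n=2)` gives a patch team with capacity for two fixes the two that matter.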
Roostan rounds things off nicely by summarising: “Although it only runs for a few weeks, the impact of Cyber Security Awareness Month is ongoing because it creates a platform for best practice and ideas exchange among IT security professionals. This can only be a positive development, helping to reduce wasted efforts, improve collaboration across teams and having a meaningful impact on risk profiles.”