While many businesses are facing constrained security budgets, cybersecurity attacks are on the rise. Without an influx of big bucks, how can a company face off against the latest threats in the cyber security landscape?
Here are some low-cost security solutions that you can quickly implement to amp up your protective game.
The ISACA’s State of Cyber Security 2017 found that only 50% of respondents expected a budget increase in 2017 (down from 61% in 2016).
The Threat is Real
Enterprises are facing an increasingly hostile digital environment. Some 53% of the 2017 ISACA State of Cyber Security respondents reported an increase in attacks in 2016. Plus, 80% viewed an attack in 2017 “likely” or “very likely.”
And why wouldn’t they? The sprawling damage done in May by the WannaCry cryptoworm (and the subsequent media attention it garnered) highlighted that ransomware is on the rise. In that May attack, cybercriminals encrypted data on more than 230,000 computers in over 150 countries to extort payment to regain access to business data and systems.
At the same time, per Symantec, attackers are demanding more and more from victims with the average ransom demand in 2016 rising to $1,077, up from $294 a year earlier.
Then there’s the Internet of Things (IoT) replacing mobile as a top area of concern as it emerges further into the mainstream. As traditional methods may not cover IoT devices, securing the estimated billions of connected things represents a new challenge.
Further, the IoT environment is only as secure as its weakest link, while the enterprise is connecting to a much larger environment than it can control independently.
Meanwhile, tight budgets are coupled with hiring freezes or reductions in headcount. The cyberskills gap impacted business at 70% of organizations surveyed by the Information Systems Security Association and Enterprise Strategy Group.
Not to mention that even those enterprises with the economic wherewithal to hire new talent are facing a shortage of skilled individuals. In fact, according to the Information Audit and Control Association (IACA), about a quarter of all cybersecurity positions remain unfilled for about six months.
RedTeam works within your needs and budget to identify and fix vulnerabilities before they become a problem. Set up a call with us at a time that’s convenient and we’ll help you get started.
Finally, there’s the ongoing issue of attrition as overworked IT staff find they are forced to address increasing attacks without fresh investment in their personal development or security skills training. For 35% of the ISSA survey respondents, the lack of skilled workers left security teams unable to familiarize themselves fully with the security tools they were using.
Sound like an uphill battle? It is—that’s why it’s more important than ever to place a priority on your team’s readiness for an attack.
6 Low-Cost Solutions to Implement Today
1. Backup Vital System Files
Unless this is the first RedTeam blog you’ve read, you’re going to feel like we’re a broken record on this one. Backup. Backup today!
Making sure vital systems files are backed up to a computer that isn’t connected to any network can decrease a malware’s ability to spread and wipe your configuration files. Yet fewer than half of the respondents in Ponemon’s 2016 Cost of Cyber Crime study reported advance backup and recovery operations.
We’ll stop making this suggestion a top priority when we know we’re preaching to a compliant choir, deal?
Pullout: Backing up vital system files can reduce the average cost of a cyber attack by nearly $2 million — Ponemon
2. Implement an Incident Response Plan — or Test Yours
In ISACA’s study, 50% of respondents had executed an incident response plan in 2017 while 17% didn’t even know if they had done so. Well, at least they had a response plan in place to implement!
Identify security vulnerabilities and develop policies to address them. Having determined in advance the criticality of different incidents, you can determine what actions should be taken to apply counter measures and act quickly to contain damage. Having already outlined your process for monitoring and tracking activity following an attack can further both remediation and forensic efforts.
If you already have a plan in place, congratulations. However, if the Incident Response Plan is the cybersecurity equivalent of a fire drill, make sure you pull that lever once in awhile to make sure that everyone still knows what to do.
Implementing a plan and then letting it sit in a file cabinet somewhere isn’t going to do you much good in the immediate aftermath of an attack. It’s possibly your plan might:
- Involve tools that are out of date.
- Assign responsibilities to people who are no longer with the company.
- Expand the risk of compromise by not accounting for recent technological innovations.
3. Educate Your Employees
Regardless of your budget, educating employees is essential. Some 91% of security breaches occurring from Jan to August 2015 were avoidable, according to an Online Trust Alliance report. In fact, the OTA noted, they “could have easily been prevented by, for example, patching a server, encrypting data or ensuring employees do not lose their laptops.”
Educate employees about the many ways they can avoid making your business vulnerable to attack. Steps they can take include:
- Treating every single email as potentially malicious until proven otherwise
- Being wary of revealing too much information on social media
- Developing complex, individualized passwords
- Accessing internal networks only from secure devices
- Maintaining mobile device and personally identifiable information security
- Refusing to fall for social engineering attacks that leverage the employee’s impulse to trust and help
- Turning in a found USB or thumb drive to IT
- Installing software and system updates when available.
“Even in a high tech sector, your weakest point is your users. Ensure that all employees are being careful or train them to be better.” — Spiceworks
4. Update Your Security
Ensure your business is keeping up to date with evolving technology. Cybercriminals are highly motivated to adapt and find new ways to breach networks. Keep your infrastructure security current:
- Regularly upgrade any outdated and unpatched software
- Stay current on anti-virus rules and signatures
- Adopt proven strategies to secure your network
Meanwhile, don’t overlook the importance of securing the physical environment too.
5. Leverage Cybersecurity Knowledge
Those who are spearheading cybersecurity efforts for your enterprise need to remain educated about the latest security trends and threats.
The online landscape and data breach environment evolves rapidly. Fortunately, it’s also becoming easier to follow and share information about threat channels, classifying attacks, and knowing what next steps to take.
Major breaches will make the general news, and you may also have access to industry-specific community news sources. Other good resources to follow security alerts and advisories about vulnerabilities include:
- The Computer Emergency Readiness Team Coordination Center (CERT/CC)
- US-CERT and the Industrial Control Systems CERT (ICS-CERT) or European Union CERT (CERT-EU)
- The SANS Internet Storm Center
- News streams from The Hacker News, Dark Reading and The Register
- IBM Security and SophosLabs’ informational YouTube channels.
6. Actively Plan to Respond To A Payment Approach
Although the prevalence of ransomware is increasing, only 53% of the ISACA respondents had a formal process in place to deal with this type of attack.
Assemble key stakeholders around a table in a conference room today and hash out the implications of payment vs. non-payment. Considering your options as a proactive exercise, rather than under the pressure of a ticking clock deadline, may lead to more level-headed thinking about the proper response.
“70% of business ransomware targets paid the ransom.” — IBM
Bonus Strategy: Talk to Us
While these low-cost solutions can make an immediate difference, there’s nothing like the input of seasoned security experts. RedTeam Security application, network and physical penetration testing measure existing controls and uncover weaknesses in your systems. Once we identify the weaknesses, we offer actionable insights to help you better protect your enterprise from attack.
We’d love to talk with you about how RedTeam can help secure your business — within your budget.