Reducing your exposure to a cyber attack
Cybersecurity Awareness Month is observed in October each year. It's a collaborative effort between the government and industry to raise awareness about the importance of cybersecurity and to provide resources to help people stay safe online.
The first Cybersecurity Awareness Month was held in 2004, and it has grown into a global campaign that involves millions of people around the world. The theme for Cybersecurity Awareness Month 2023 was "See Yourself in Cyber." This theme encouraged people to think about how cybersecurity affects their lives and to take steps to protect themselves online.
Here are some of the key messages of Cybersecurity Awareness Month:
- Be aware of the risks. There are many types of cyber threat, and you cannot protect yourself against threats you do not know about.
- Take steps to protect yourself. There are many things you can do to protect yourself from cyber threats, such as using strong passwords, being careful about what information you share online, and keeping your software up to date.
- Be prepared to respond. If you become a cyber attack victim, it's important to know what to do. Report the attack to the appropriate authorities and take steps to protect your identity and your data.
Cybersecurity Awareness Month is a great opportunity to learn more about cybersecurity and to take steps to protect yourself online. Many resources are available to help you, including the websites of the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST).
Week 1 - Practice basic cyber hygiene
Effective and affordable ways to reduce your organisation’s exposure to the more common types of cyber attacks.
- Boundary firewalls and Internet gateways - establish network perimeter defences, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet
- Malware protection - establish and maintain malware defences to detect and respond to known attack code
- Patch management - patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs
- White-listing and execution control - prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives
- Secure configuration - restrict the functionality of every device, operating system and application to the minimum needed for the business to function
- Password policy - ensure that an appropriate password policy is in place and followed
- User access control - includes limiting normal users’ execution permissions and enforcing the principle of least privilege
If your organisation is likely to be targeted by a more technically capable attacker, give yourself greater confidence by putting in place these additional controls set out in the 10 Steps to Cyber Security:
- Security monitoring - to identify any unexpected or suspicious activity
- User training, education and awareness - staff should understand their role in keeping your organisation secure and report any unusual activity
- Security incident management - put plans in place to deal with an attack, as an effective response will reduce the impact on your business
More Information
Download small business action guide
Download 'what you can do to combat cyber attacks' leaflet
Download 'the cyber threat to the legal sector' 2018 report
Week 2 - Expand your digital skills and education
Increase in Cybercrime Demands Fresh Attention to Employee Training
Cybersecurity training should be treated as an ongoing process and include employees across the whole organisation.
Many high-profile cyber attacks have featured in the news lately; to name a few:
- British Airways had approximately 380,000 of their customers' credit card details compromised
- T-Mobile had 2 million of their customers’ details stolen by hackers
- NHS had 20,000 appointments cancelled due to the WannaCry ransomware attack
- Under Armour's MyFitnessPal app had 150 million usernames, email addresses, and passwords compromised
Cyber attacks, hacking, data breaches and identity theft are terms that most people are familiar with, and the need to educate employees about how their actions impact company cyber security is greater than ever.
A study published this week has revealed that businesses are "dangerously" unprepared for cyber-attacks, with threats causing mayhem for IT management teams (source: Computing.co.uk).
While IT and cyber security professionals are experts at protecting networks and devices and integrating security measures to anticipate a breach, that cannot be a business's only line of defence. Employee education and training can help minimise cyber vulnerabilities and prepare employees for the event of a breach, in turn helping to protect the organisation and its customers.
Reducing the risk
Employees are often unaware of the potential consequences of their actions while working on a computer, laptop or mobile device, and of how those actions can make the company vulnerable to cyber-attacks.
Providing training to your employees can raise awareness of the potential risks and ensure they understand how their actions can impact cyber security.
Onboarding can also form part of the process, by incorporating background checks on prospective employees. As new employees join the workforce, organisations also need to be sure they have an effective training plan in place.
As part of the onboarding process, new employees should be warned to:
- Exercise caution when opening email attachments, especially compressed or ZIP file attachments.
- Avoid clicking directly on website links in emails. Instead, type the address directly into the browser’s address bar, or otherwise verify the web address before visiting it.
- Lock your computer when away from your desk
- Report any suspicious emails to the IT team
- Avoid unsecured Wi-Fi hotspots
- Avoid sharing files on USB drives, as removable media can spread malware
- Avoid downloading software or apps from unknown sources, or restrict software installation to administrators only
- Maintain good password hygiene
- Take care with laptops or mobile devices that move between networks, as they can pick up malware and compromise the systems they connect to
Don’t be afraid to test your cyber security policy: send a mock questionable link to employees to see whether anyone clicks on it.
Cybersecurity training should not be a one-time event or something that only applies to the IT department. It should be treated as an ongoing process and include all employees.
Develop a specialist team
Build a team of cyber security experts within your business, including representatives from key areas of the business. Ensure they are aware of what types of threats are out there and how to react should an attack take place, so as to minimise any damage. Being prepared for an attack, should one happen, will keep the damage to your business to a minimum and help you get back to normal as quickly as possible.
Key areas to focus on should include:
Review the nature, probability and dangers of possible attack methods such as hacks, breaches, email phishing, texts or social media. Also review common entry points and data-rich targets within the company. Any system holding data that can be monetised, such as health care records, bank information, credit card numbers or emails, can pose a risk and should be part of the response planning process.
Provide general background on the different categories of cyber attack, and on how the scope, style and motivation of each are an important factor in developing the most appropriate response plan.
Cybercriminals are motivated by money and are typically responsible for hacks like retail data breaches and phishing attacks. There is a high risk to individual customers in terms of compromised personal or financial data and identity theft.
Take the education a step further by displaying tip sheets and posters around office common areas or by participating in ongoing cyber safety events like National Cyber Security Awareness Month or Safer Internet Day. Keeping the issue top of mind for your team helps mitigate risk and build resiliency.
Week 3 - Recognise cyber scams
Some common indicators of scams include:
- A call for urgency such as, "You must act now!"
- A promise of huge profits in a short time frame
- Overuse of buzzwords and jargon
- Claims of insider information or confidential data
- Donation scams are common on the Internet. Be sure to research any request for donations before handing money over.
Signs of a scam
- Contacted out of the blue?
- Is the deal too good to be true?
- Asked to share personal details?
- Pressurised to respond quickly?
- Are the contact details vague?
- Spelling or grammatical mistakes?
- Are you asked to keep it quiet?
- Sounds out of the ordinary - like you’ve won the lottery, or you’ve been invited to invest in an ‘amazing’ scheme and keep it a secret
- Asks you to phone an expensive number - these start with 070, 084, 087, 090, 091 or 098
- Ask yourself, what’s in it for them? Why are they doing this?
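A small triage script, added here as an illustration and not part of the original article, that checks messages against several of the indicators listed above (urgency, too good to be true, requests for personal details, secrecy, and the expensive 070/084/087/090/091/098 numbers). The phrase lists and the number pattern are assumptions chosen for the example, and the sample messages are constructed.

```python
import re

# Heuristic phrase lists for the page's scam indicators. These are illustrative
# assumptions, not an exhaustive rule set; real scams vary their wording.
INDICATORS = {
    "urgency": re.compile(r"\b(act now|immediately|within 24 hours|urgent|final notice)\b", re.I),
    "too_good_to_be_true": re.compile(r"\b(won|winner|lottery|guaranteed|double your money|risk[- ]free)\b", re.I),
    "personal_details": re.compile(r"\b(password|pin|bank details|card number|date of birth|national insurance)\b", re.I),
    "secrecy": re.compile(r"\b(keep (this|it) (quiet|confidential|secret)|do not tell|don't tell)\b", re.I),
    "insider_info": re.compile(r"\b(insider|confidential tip|inside information)\b", re.I),
}

# UK prefixes the article flags as expensive to call: 070, 084, 087, 090, 091, 098.
# A UK number is 11 digits, so the prefix is followed by 8 more digits; spaces or
# hyphens between digits are tolerated because people write numbers that way.
EXPENSIVE_NUMBER = re.compile(r"(?<!\d)0(?:70|84|87|90|91|98)(?:[ -]?\d){7,8}(?!\d)")


def scam_indicators(message: str) -> list[str]:
    """Return the names of the indicators found in a message, in table order."""
    found = [name for name, pattern in INDICATORS.items() if pattern.search(message)]
    if EXPENSIVE_NUMBER.search(message):
        found.append("expensive_number")
    return found


def scam_score(message: str) -> int:
    """Count of distinct indicators present; higher means more suspicious."""
    return len(scam_indicators(message))


# Constructed sample messages for the demonstration (not real messages).
SAMPLE_MESSAGES = [
    "You have WON the national lottery! Act now and call 0906 123 4567 to claim. Keep it confidential.",
    "Hi, the team meeting has moved to 3pm tomorrow, room 4B.",
    "Your account is suspended. Confirm your password and date of birth within 24 hours.",
]


def triage(messages: list[str]) -> dict[str, list[str]]:
    """Map each message to the indicators it triggers, for review by a person."""
    return {msg: scam_indicators(msg) for msg in messages}


if __name__ == "__main__":
    for msg, hits in triage(SAMPLE_MESSAGES).items():
        print(f"score={len(hits)} indicators={hits} :: {msg[:60]}")
```

A zero score does not mean a message is safe; the script only surfaces the textual signs the article describes, and the human questions ("what's in it for them?") still apply.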
Sources:
https://electronics.howstuffworks.com/how-to-tech/how-to-detect-online-scams2.htm
https://www.wikihow.com/Spot-an-Online-Scam
Week 4 - Emerging technologies
Stay tech-wise and safe with emerging technologies
Five biggest security technology trends
New IT security advances will enable organisations to spot and mitigate potential breaches before they occur.
Historically businesses have been primarily concerned with securing themselves against external cyber threats such as viruses and hackers. Yet some of the biggest threats have been due to insider mistakes or misuse.
The crux of it is that many businesses still have insufficient visibility into what changes their users are making within their IT environment.
A 2017 IT Risks Survey of more than 600 IT professionals confirms that “66% of organisations perceive employees to be the biggest threat to system availability and security”.
Research has revealed that around one quarter (24%) of UK employees admit to intentionally sharing confidential business information outside their organisation, typically with competitors or with new or previous employers.
The introduction of GDPR has raised the stakes of data breaches, as any data breach that does occur has to be reported within 72 hours.
Looking ahead, many emerging IT security advances will arm organisations with the right information at the right time to help spot and mitigate potential breaches before they can occur. Here, in no particular order, are five security trends that are set to make a big impression on enterprises in 2019.
1. Security compliance will become more important
General Data Protection Regulation (GDPR) requires organisations to know what data they hold, where it is stored and who is responsible for it. This, along with stricter penalties for non-compliance, will require businesses to upgrade their data privacy controls. Fines for data breaches have already started to be issued.
2. Advanced analytics will improve data security
Organisations currently use a combination of security products which generate a large volume of data, making it hard to spot information requiring immediate attention. Advanced data analytics tools will help organisations drill down into the information to find potential threats more easily.
The growing adoption of technologies like user and entity behaviour analytics (UEBA) will enable organisations to establish stricter control over their IT infrastructures and better understand their weak points, so they can fix security holes before a data breach occurs.
3. Tailor-made security
The global cyber security market is evolving. Security vendors are rapidly expanding their range of solutions to allow them to solve similar pain points differently according to the customer’s infrastructure. With strong data protection practices in high demand, security vendors will start to offer a more personalised approach, taking into account factors like IT infrastructure size and complexity, industry and budget. A more customised approach to IT security will provide organisations with solutions that are uniquely tailored to their requirements. Smaller, more specialist software providers will win business against larger, less flexible vendors by providing offerings that are ideally suited to meet specific business needs.
4. Continuous reviews will improve decision-making
In 2017, Gartner proposed a new approach to security based on a continuous process of regular review, re-assessment and adjustment, known as CARTA (Continuous Adaptive Risk and Trust Assessment).
We can expect this approach to become more popular as businesses try to mitigate cybersecurity risks. Real-time assessment of risk and trust in the IT environment enables companies to make better decisions regarding their security position.
5. Blockchain principles to be applied to data security
An emerging approach to mitigate the increasing number and sophistication of cyber threats is to harness blockchain principles to strengthen security. With blockchain technology data is stored in a decentralised and distributed manner.
Instead of being held in a single location, data is recorded in a shared, distributed ledger. This makes mass data theft or data tampering much more difficult, because all participants in the blockchain network would immediately see that the ledger had been altered. Blockchain has the potential to be a major step forward for securing sensitive information, especially in highly regulated industries such as finance, government, health and law.
In summary, insider mistakes and privilege misuse have repeatedly been the source of security breaches, and pose as much of a risk to organisations as outsider threats.
Even though every organisation has its own security risks, requiring different defence methods for mitigating insider and outsider attacks, some common technology trends are emerging. Businesses will need to adopt more continuous protection strategies, while vendors will take advantage of the latest technology advances to create more customised and better-targeted solutions.
Therefore, we should see organisations becoming more proactive about securing confidential information, especially where consumer data is concerned. Malicious insiders and hackers alike will find their work more difficult. Stealing corporate data will take much more time and effort than it did in the past while the overall chances of being caught will also be higher.
Further Information
If you'd like to know more about cyber security, visit our dedicated page or speak to one of our security experts on 01482 210999 or email info@genesisit.co.uk