Adopting a Multifaceted Security Approach

Over the past decade, terms like malware and ransomware have increasingly entered into the public vernacular, especially as they relate to highly publicized, high-profile cybersecurity attacks. Most recently, the Biden administration issued a dire warning to American businesses about the potential for Russian cyberattacks, encouraging even private organizations to strengthen their defenses. Clearly, and on multiple levels, concerns about cybersecurity threats have entered the mainstream. If your organization is networked in any capacity, it is at risk from cybercriminals. What makes this bad situation worse is the sheer sophistication of such bad actors who are constantly evolving their tactics—whether to steal valuable data, hold systems hostage for financial gain or disrupt the operations of organizations critical to the public, from energy grids to airports and hospitals.

The situation can be likened to a high-stakes game of whack-a-mole in which organizations must constantly fend off threats while also keeping ahead of the next menace popping up on the horizon. What can we do? Those that wish to mitigate risk must take a multifaceted approach to security that integrates up-to-date best practices across the triumvirate of people, processes and technology.

Develop Your Organization’s Security Team

The saying “cheap isn’t good and good isn’t cheap” is particularly apt when it comes to hiring IT security personnel. Unsurprisingly, talent that has achieved certifications such as CISM, CISSP and CEH (Certified Ethical Hacker) is at a premium. This is an area where bargain-shopping shouldn’t be a consideration.

Why? While hiring mistakes in other departments like marketing or sales are unfortunate, they typically won’t result in permanent disasters. By contrast, consider a large e-commerce retailer that inadvertently allows its customers’ credit-card data to be stolen or whose website goes down due to a ransomware attack. The former could leave it subject to fines and irreparable reputation damage, while the latter could literally cost millions per hour in lost sales.

To be certain, hiring IT security personnel for your organization requires looking at more than academic credentials and certifications. More intrinsic traits, such as the ability to act quickly and around the clock in emergencies, as well as the desire to continually learn and evolve along with the security landscape, are critical. For many, finding and training promising talent within their own organizations may be one way to address the shortage of skilled cybersecurity workers.

As an extension of internal resources, organizations should also partner with a reputable cybersecurity firm. Such experts can externally rate your organization’s security posture, make recommendations for improvements and assist in rapid response in the event of emergencies. Even if your internal staff is top-notch, an outside perspective from specialized experts operating with infosec as their sole business can be invaluable.

Put Critical Processes in Place in Your Business

In years past, employees focused almost exclusively on activities inside their own departmental silos—those in accounting crunched numbers while HR concentrated on hiring and retaining talent, and so on. Cybersecurity threats are no longer siloed and impact everyone, from C-level executives to the receptionist at the front desk. An email containing malware or a socially engineered password, for example, has potentially negative implications for the entire organization.

Awareness of cybersecurity risks, as well as processes designed to mitigate such risks, should be required knowledge at all employee levels. Oftentimes, third-party employee training on security topics can remove this burden internally.

First and foremost, organizations should maintain an information security policy that governs how IT resources and digitally stored information are to be used and protected, especially regarding sensitive data such as payment card information (PCI), personally identifiable information (PII) and electronic health records (EHR). Such rules are typically applied through a Security Operations Center (SOC), a centralized “hub” composed of technology and personnel that continuously monitors systems to prevent, detect and respond to threats.

In the event of an actual security breach, SOCs should have a critical security incident response plan created in advance, ideally in partnership with a reputable cybersecurity firm, to ensure responses are immediate and effective. Such plans are akin to having a “bat phone” to be used for calling in the superheroes when danger knocks or, worse, when it kicks down the door.

By necessity, security processes cannot be stagnant. IT security staff must keep abreast of the evolving cyberthreat landscape by following industry and global news, monitoring key vendor sites and government entities for alerts and undergoing continual education and training.

Maintain Multilayered, Up-to-Date Security Technology

Remember those old movies where a high school hacker cracks a password and suddenly has access to everything? Such scenarios are no longer plausible when there are multiple layers of distributed security, including:

  • Virtual private networks (VPNs) to create secure tunnels between enterprise devices and the internet
  • Firewalls for filtering incoming/outgoing network traffic based on security rules
  • Access verification such as multifactor authentication and password management/encryption
  • Endpoint detection and response
  • DDoS mitigation software to stop distributed denial-of-service (DDoS) attacks

Implementing the latest security tools is paramount for your business, as is the need for enterprises to manage their technical debt. In other words, it is vital to keep legacy systems up-to-date to ensure the latest versions are in place and loopholes are patched. While initially fiscally tempting, allowing vendor support to lapse is a key cause of security gaps that will potentially cost much more in the long run. Remember that the number-one job of cybercriminals is keeping ahead of the game by finding the weakest links.

Today’s enterprises should be doing everything they can to keep their systems and data safe from the proverbial wolf at the door. By implementing a multifaceted approach that incorporates people, processes and the latest technologies, organizations can help ensure they remain out of range (and out of the news) when it comes to costly cybercrime.


John Moschella

John Moschella is President of Consulting Solutions International (CSI), one of the fastest-growing IT workforce and consulting services providers and part of the Consulting Solutions family of companies.
