In today’s world, most organizations, regardless of size, will experience a security incident in the form of social engineering, a data breach, or malware. Social engineering attacks will continue to be the easiest way for cyber criminals to compromise corporate networks. With social engineering, an attacker can run a campaign at scale, knowing that a single user's mistake can compromise an entire network.
Here are a few examples of the types of external security incidents of which organizations should be aware.
- Spear Phishing: email spoofing fraud attempt, targeting an organization, seeking unauthorized access to data;
- Whale Phishing/Whaling: targets C-level users, or users with elevated access to sensitive data;
- Malware/Anti-virus: malware is malicious software that disables, damages, or takes control of a computer system;
- Distributed Denial of Service (DDoS): many compromised systems flood a corporate network or website with traffic, causing a denial of service;
- Hacktivism: the act of compromising a system for socially or politically motivated purposes;
- Extortion Hacks: cybercriminals threaten to release sensitive data if an organization does not meet some demand;
- Ransomware: prevents access to data on a PC by encrypting it and demands a ransom to decrypt it.
The majority of security incidents are caused by human error stemming from a lack of employee awareness and training. Organizations should take a holistic approach to security; however, the first line of defense is continual training.
Prilock’s Security Awareness Training is a great example of easily accessible training, designed for optimum comprehension and impact for non-IT computer users, and it ensures that users understand the impact of digital security.
Identifying internal vulnerabilities
A data breach occurs when sensitive, confidential, or protected information is obtained by an unauthorized individual or organization. Organizations can improve the security of sensitive data by focusing on controlling how employees access, transmit, and manage documentation. Here are three common areas where putting controls in place strengthens the protection of sensitive data.
- Spreadsheets: ensure files are password protected, stored on network drives rather than local hard drives, and restricted to authorized users
- Email and File Attachments: effective email policies, spam filters, scanning of email attachments, and encryption improve email security
- Identity Lifecycle: ensure that as users join the organization, move within it, and leave it, their access always matches their current job role and function
Identity is currently a major attack vector for advanced threats, with compromised credentials a significant enabler of successful attacks. Organizations need a reliable way to continuously determine that users are who they say they are before allowing access to sensitive data.
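The identity lifecycle point above is testable: an access review that reconciles live grants against the HR roster and a role baseline surfaces leavers who still hold access, movers carrying entitlements from a former role, joiners missing what their role needs, and accounts with no HR record at all. The example below is added here and is not from the article or from any vendor product; the roster, baseline, and grant snapshot are constructed sample data.

```python
# Joiner/mover/leaver reconciliation over constructed sample data (not from the article).

# Constructed HR roster: user -> (employment status, current role).
HR_ROSTER = {
    "alice": ("active", "finance"),
    "bob":   ("active", "engineering"),   # moved from finance to engineering
    "carol": ("terminated", "finance"),   # left the organization
}

# Assumed baseline of entitlements each role should carry.
ROLE_BASELINE = {
    "finance":     {"erp-ledger", "payroll-share"},
    "engineering": {"source-repo", "ci-runner"},
}

# Constructed snapshot of live grants, as an access-management export might list them.
ACCESS_GRANTS = [
    ("alice", "erp-ledger"),
    ("alice", "payroll-share"),
    ("bob",   "source-repo"),
    ("bob",   "payroll-share"),   # stale grant from bob's former finance role
    ("carol", "erp-ledger"),      # leaver still holds access
    ("dave",  "ci-runner"),       # account with no HR record (orphan)
]


def reconcile(roster, baseline, grants):
    """Return findings as (category, user, entitlement) tuples.

    orphan  - grant held by an account absent from HR
    leaver  - grant held by a non-active employee
    mover   - grant outside the baseline for the user's current role
    missing - baseline entitlement an active user does not hold
    """
    findings = []
    held = {}
    for user, ent in grants:
        held.setdefault(user, set()).add(ent)
        record = roster.get(user)
        if record is None:
            findings.append(("orphan", user, ent))
            continue
        status, role = record
        if status != "active":
            findings.append(("leaver", user, ent))
        elif ent not in baseline.get(role, set()):
            findings.append(("mover", user, ent))
    for user, (status, role) in roster.items():
        if status == "active":
            for ent in sorted(baseline.get(role, set()) - held.get(user, set())):
                findings.append(("missing", user, ent))
    return findings
```

Run on the sample data, the reconciliation reports Carol's leaver grant, Bob's stale payroll share and missing CI access, and Dave's orphaned account; in practice the roster and grants come from the HR system and the identity provider.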
Taking measures for physical security
Organizations can minimize their exposure to a data breach by taking an inventory of physical exposures and reducing them. Physical procedures include:
- Locking laptops in cabinets and/or car trunks
- Locking screens when employees leave their workstations
- Providing privacy screens on computer monitors
- Disabling the ability to copy data onto external drives
- Monitoring data sent to unauthorized and/or personal email addresses
In today’s security landscape, a security breach is not a matter of “if” but “when.” While risk tolerance is up to each individual organization, the way risk is managed is important, and there are definitely best practices to follow.