October is National Cybersecurity Awareness Month, which has raised awareness of the importance of cybersecurity since 2004 and provides individuals and businesses with the resources they need to be safer and more secure online. Own IT. Secure IT. Protect IT. – The 2019 theme, as proclaimed by the Department of Homeland Security, emphasizes personal accountability and stresses the importance of taking proactive steps to improve cybersecurity at home and in the workplace.
Let’s discuss the biggest cybersecurity risks to be aware of in 2019.
You likely have heard about or have been impacted by one of the recent large data breaches – from Target to Equifax. If a large organization can’t mind its security – how can you? It feels as if no one is safe. Below are some great steps in the right direction…
For consumers and businesses:
Ransomware is a type of malware that blocks access to data, usually by encrypting it, and demands payment to restore it; some strains go further and threaten to publish the victim’s data unless the ransom is paid. Did you know that ransomware is still only an emerging market for cybercriminals? That’s right. Although a major threat to business and consumer data, ransomware accounts for roughly $1 billion out of the whopping $1.5 trillion that cybercriminals are estimated to make.
Traditional backup methods cannot be trusted on their own, e.g. backing up to hard drives, network-attached storage and/or tape, particularly when the backup target stays connected to the network and can be encrypted right along with the production data. Regardless of whether you store backups locally and/or offsite, an estimated 70-75% of backups fail when they are actually needed, resulting in massive business impacts: outages ranging from 3-7 business days to months, and some businesses having to close their doors permanently as the result of a single significant cyber impact such as a ransomware attack.
Consider having a 3rd Party Assessor, such as Withum, conduct a business continuity assessment and/or implementing automated controls embedded in backups to identify and mitigate ransomware and data integrity attacks.
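One form the “automated controls embedded in backups” mentioned above can take is an integrity gate that runs before a backup job rotates its snapshots. The script below is an added example, not Withum’s tooling or a product: it models a snapshot as a dict of path to file bytes (a real job would stream the files from the backup target), compares the new snapshot against the last known-good one, and refuses rotation when most files were rewritten or renamed with near-random (ciphertext-like) content. The sample snapshots and the thresholds are constructed assumptions to be tuned per environment.

```python
"""Integrity gate for a backup job: refuse to overwrite the last known-good
snapshot when the new one looks like it was encrypted by ransomware.

Added example, not Withum's tooling. A snapshot is modelled as a dict of
path -> file bytes; a real job would stream files from the backup target.
Thresholds are assumptions and should be tuned per environment.
"""
import hashlib
import math
from collections import Counter

CHANGED_FRACTION_LIMIT = 0.5        # assumption: >=50% of files changed/removed in one cycle
HIGH_ENTROPY_BITS = 7.5             # assumption: close to 8 bits/byte => encrypted or compressed
HIGH_ENTROPY_FRACTION_LIMIT = 0.5   # assumption: >=50% of touched files are high-entropy


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte. Text documents sit well below 7.5."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def analyze(previous: dict, current: dict) -> dict:
    """Compare two snapshots and report mass-change / high-entropy indicators."""
    prev_hashes = {path: sha256(blob) for path, blob in previous.items()}
    changed = [p for p, blob in current.items()
               if p in prev_hashes and sha256(blob) != prev_hashes[p]]
    missing = [p for p in previous if p not in current]      # deleted or renamed away
    added = [p for p in current if p not in previous]         # new, possibly renamed copies
    touched = changed + added
    high_entropy = [p for p in touched if shannon_entropy(current[p]) >= HIGH_ENTROPY_BITS]

    changed_fraction = (len(changed) + len(missing)) / max(len(previous), 1)
    high_entropy_fraction = len(high_entropy) / len(touched) if touched else 0.0
    suspicious = (changed_fraction >= CHANGED_FRACTION_LIMIT
                  and high_entropy_fraction >= HIGH_ENTROPY_FRACTION_LIMIT)
    return {
        "changed": changed, "missing": missing, "added": added,
        "high_entropy": high_entropy,
        "changed_fraction": changed_fraction,
        "high_entropy_fraction": high_entropy_fraction,
        "suspicious": suspicious,
    }


def should_rotate(previous: dict, current: dict) -> bool:
    """True only when it is safe to let the new snapshot replace the old one."""
    return not analyze(previous, current)["suspicious"]


def _pseudorandom(seed: bytes, nbytes: int) -> bytes:
    """Deterministic stand-in for ciphertext (constructed test data, not real output)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:nbytes]


# Constructed sample snapshots, not real customer data.
LAST_GOOD = {
    "finance/q3-report.txt": b"Quarterly report: revenue up 4%, costs flat. " * 20,
    "hr/roster.csv": b"name,department,start_date\nA. Smith,Finance,2018-03-01\n" * 20,
    "legal/nda-template.txt": b"This Non-Disclosure Agreement is entered into by " * 20,
}
NORMAL_DAY = dict(LAST_GOOD)          # one document legitimately edited
NORMAL_DAY["finance/q3-report.txt"] = b"Quarterly report: revenue up 5%, costs flat. " * 20
ENCRYPTED_DAY = {                     # every file rewritten or renamed with ciphertext-like content
    "finance/q3-report.txt": _pseudorandom(b"1", 4096),
    "hr/roster.csv.locked": _pseudorandom(b"2", 4096),
    "legal/nda-template.txt.locked": _pseudorandom(b"3", 4096),
}

if __name__ == "__main__":
    for label, snap in (("normal day", NORMAL_DAY), ("encrypted day", ENCRYPTED_DAY)):
        report = analyze(LAST_GOOD, snap)
        print(f"{label}: rotate={should_rotate(LAST_GOOD, snap)} "
              f"changed={report['changed_fraction']:.2f} "
              f"high_entropy={report['high_entropy_fraction']:.2f}")
```

The two signals are deliberately combined: a large release or migration also changes most files, but their content stays low-entropy, while a few encrypted files are normal (archives, images), so neither indicator alone should block a rotation. Whatever the job decides, the decision and the report belong in the same log stream your alerting reads.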
Microsoft ends support for Windows 7 on January 14, 2020. After that date the operating system will have reached the end of its life cycle and will become increasingly vulnerable to attack, since it will no longer receive security updates (outside of Microsoft’s paid Extended Security Updates program). Security and vulnerability patching is a must-have, must-do. If you don’t patch, cybercriminals will do their job and hack your system. Just as you are aware that Windows 7 will be unpatched after January 14, 2020, so are the cybercriminals.
Cybercriminals adopted automated tools and scanning techniques long ago, so exposed and vulnerable systems are identified quickly through malicious code and Internet-wide scanning. Once a vulnerable system is identified it is exploited, often pilfered for financial data and personally identifiable information (“PII”). The attackers then remain dormant, remotely monitoring activity and using the compromised systems and data to extort victims and to orchestrate additional cyberattacks.
Consider that allowing even a single Windows 7 system to reside on your network(s) makes not only that computer but the network and its data vulnerable to exploits and intrusions.
Companies rely on the data they collect from employees, clients and the business overall. This can be everything from Social Security numbers and bank account information to health information and credentials. Losing this data could lead to the demise of your business and your reputation. 83% of SMBs lack the funds to deal with the repercussions of a cyberattack, and the average cyberattack carries a price tag of nearly $3 million.
Consider that an accurate and verifiable accounting of confidential data is now mandated by data privacy laws such as GDPR, the CCPA and the New York SHIELD Act, among others. Additional proposed legislation, such as the Corporate Accountability Act, may impose criminal, civil and other sanctions on corporate executives found to be negligent and/or reckless with their businesses.
Accurate data-flow mapping is a useful first step toward data privacy compliance. A data-flow diagram represents how data moves through a process or system and shows the inputs and outputs of each entity and of the process itself. Under GDPR Article 30, many organizations are required to keep a written record of their processing activities, and doing so is a best practice even for those that are not.
Independent validation of where your data resides, how it is being used and maintained, and whether it is leaking from your environment is critical to avoiding costly impacts and regulatory violations.
A firewall is a network security device or application that monitors and inspects traffic, much like a traffic cop or a US Customs inspection for data. However, a firewall is only as good as its configuration. Firewalls can scan for malicious traffic, inspect data packets (like opening a physical container) and enforce policy before traffic enters or leaves a network or device.
Often, firewalls are misconfigured or are only set to filter inbound traffic from the Internet. Modern threats and regulatory requirements demand that both inbound and outbound traffic be properly inspected: once a host is compromised, its command-and-control and data exfiltration traffic is outbound, and an unfiltered egress path lets it pass unnoticed.
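To make the inbound-only misconfiguration concrete, the added example below (not Withum’s code, and not a tool the page describes) audits a host firewall ruleset in `iptables-save` syntax. The two rulesets are constructed samples: the first filters only the INPUT chain and leaves OUTPUT with an ACCEPT default policy, the second applies default-deny in both directions and allows only established sessions, DNS to an assumed internal resolver (10.0.0.53) and HTTPS out, logging everything else that is dropped. Only the `*filter` table’s INPUT and OUTPUT chains are examined.

```python
"""Audit an iptables-save dump for the misconfiguration described above:
inbound traffic filtered, outbound traffic left wide open.

Added example, not Withum's code. The two rulesets are constructed samples in
iptables-save syntax (the 10.0.0.53 resolver address is an assumption), and
only the *filter table's INPUT and OUTPUT chains are examined.
"""
import re

POLICY_RE = re.compile(r"^:(\S+)\s+(ACCEPT|DROP|REJECT)\s+\[\d+:\d+\]")
RULE_RE = re.compile(r"^-A\s+(\S+)\s+(.*?)\s*-j\s+(\S+)")


def parse_filter_table(dump: str) -> dict:
    """Return the filter table's chain policies and its rules as (chain, match, target)."""
    policies, rules, in_filter = {}, [], False
    for raw in dump.splitlines():
        line = raw.strip()
        if line.startswith("*"):             # table header: *filter, *nat, ...
            in_filter = line == "*filter"
            continue
        if not in_filter or not line or line == "COMMIT" or line.startswith("#"):
            continue
        m = POLICY_RE.match(line)
        if m:
            policies[m.group(1)] = m.group(2)
            continue
        m = RULE_RE.match(line)
        if m:
            rules.append((m.group(1), m.group(2).strip(), m.group(3)))
    return {"policies": policies, "rules": rules}


def audit(dump: str) -> list:
    """Findings a reviewer would raise; an empty list means both directions are filtered."""
    table = parse_filter_table(dump)
    findings = []
    for chain in ("INPUT", "OUTPUT"):
        if table["policies"].get(chain, "ACCEPT") == "ACCEPT":
            findings.append(f"{chain}: default policy is ACCEPT instead of default-deny")
    for chain, match, target in table["rules"]:
        if chain in ("INPUT", "OUTPUT") and target == "ACCEPT" and not match:
            findings.append(f"{chain}: unconditional ACCEPT rule allows all traffic")
    if not any(chain == "OUTPUT" for chain, _, _ in table["rules"]):
        findings.append("OUTPUT: no rules, so outbound traffic is never inspected")
    return findings


# Constructed sample rulesets (not captured from a real host).
INBOUND_ONLY = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

EGRESS_FILTERED = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -d 10.0.0.53/32 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -j LOG --log-prefix "egress-denied: "
COMMIT
"""

if __name__ == "__main__":
    for name, dump in (("inbound-only", INBOUND_ONLY), ("egress-filtered", EGRESS_FILTERED)):
        print(name, audit(dump) or "no findings")
```

The trailing LOG rule in the hardened ruleset is what turns egress filtering into detection: every connection that does not fit the allow-list shows up in the system log with the `egress-denied:` prefix, which is exactly the signal a silent alerting system should consume. Running `iptables-save` and feeding the output to `audit()` gives the same verdict for a live host.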
Many companies still have not implemented multi-factor authentication (MFA), also known as two-factor authentication (2FA). MFA means that logging into a system or application requires two or more independent factors, for example a password plus a one-time code from a phone app or a hardware token, so a stolen password alone is not enough. If you have been putting off multi-factor authentication, now is the time to do it. Don’t select “Not Now” anymore!
At Withum, we use multi-factor authentication to access all of our systems, from our email and communication systems to our time and billing software. Once 2FA has been adopted, and over time, the delays in accessing systems and resources are marginal. Compared to a cyber impact such as a hacker gaining access to systems and resources, the benefits of 2FA far exceed any inconvenience.
We all think we know our employees, but according to the Verizon 2019 Data Breach Investigations Report, 34% of all breaches in 2018 involved internal actors, up from 28% in 2017. Insider-related incidents can cost a company up to $11.1 million a year in North America.
Consider deploying security controls both overtly and covertly to monitor for computer abuse and data privacy violations. In other words, some security controls should be visible to users and others invisible. If a threat actor is aware of all of your security controls, whether they are an external hacker, an employee or a third-party vendor, they will look for ways around them. A silent alerting system provides indicators of nefarious activity and anomalies, which often leaves enough time to mitigate serious impacts. Alerts should also be meaningful: an alarm that constantly ‘sounds’ will inevitably be ignored.
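The following added example (not Withum’s monitoring stack, and not code from the original article) shows what a silent, meaningful alert looks like in practice. It reads constructed key=value access-log lines, builds each user’s own baseline of reads against confidential paths from past days, and raises an alert only when today’s count is a multiple of that baseline and above an absolute floor, with at most one alert per user per hour so a single burst does not page the team nine times. The user does not see anything; the event is only recorded for the security team. Path prefixes, the off-hours window and all thresholds are assumptions to be tuned per organization.

```python
"""Silent alerting over access logs: flag insiders whose bulk access to
confidential paths departs from their own baseline, and rate-limit the alerts
so the signal stays meaningful.

Added example, not Withum's monitoring stack. The log lines are constructed
key=value records; path prefixes, thresholds and the off-hours window are
assumptions to be tuned per organisation.
"""
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(r"^(\S+)\s+user=(\S+)\s+action=(\S+)\s+path=(\S+)\s+bytes=(\d+)")
CONFIDENTIAL_PREFIXES = ("/hr/", "/finance/", "/legal/")   # assumption
OFF_HOURS = range(0, 6)            # assumption: 00:00-05:59 UTC counts as off-hours
MIN_EVENTS = 5                     # absolute floor so a 0 -> 2 change never pages anyone
BASELINE_MULTIPLIER = 3.0          # alert when today's count >= 3x the user's daily baseline
SUPPRESS_SECONDS = 3600            # at most one alert per user per hour


def parse(line: str):
    """Parse one constructed log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.fromisoformat(m.group(1).replace("Z", "+00:00"))
    return {"ts": ts, "user": m.group(2), "action": m.group(3),
            "path": m.group(4), "bytes": int(m.group(5))}


def is_sensitive_read(ev: dict) -> bool:
    return ev["action"] in ("download", "read") and ev["path"].startswith(CONFIDENTIAL_PREFIXES)


def daily_baseline(history: list) -> dict:
    """Mean sensitive reads per calendar day for each user over the history window."""
    per_day = defaultdict(lambda: defaultdict(int))
    for ev in history:
        if is_sensitive_read(ev):
            per_day[ev["user"]][ev["ts"].date()] += 1
    return {user: sum(days.values()) / len(days) for user, days in per_day.items()}


def detect(history_lines: list, today_lines: list) -> list:
    """Return the alerts that would be sent to the security team (never to the user)."""
    history = [e for e in map(parse, history_lines) if e]
    today = [e for e in map(parse, today_lines) if e]
    baseline = daily_baseline(history)
    counts, off_hours, last_alert, alerts = defaultdict(int), defaultdict(int), {}, []
    for ev in sorted(today, key=lambda e: e["ts"]):
        if not is_sensitive_read(ev):
            continue
        user = ev["user"]
        counts[user] += 1
        if ev["ts"].hour in OFF_HOURS:
            off_hours[user] += 1
        expected = baseline.get(user, 0.0)
        anomalous = (counts[user] >= MIN_EVENTS
                     and counts[user] >= BASELINE_MULTIPLIER * max(expected, 1.0))
        if not anomalous:
            continue
        prev = last_alert.get(user)
        if prev is not None and (ev["ts"] - prev).total_seconds() < SUPPRESS_SECONDS:
            continue                       # already alerted recently: stay quiet, do not re-page
        last_alert[user] = ev["ts"]
        alerts.append({"user": user, "at": ev["ts"].isoformat(), "count": counts[user],
                       "baseline": expected, "off_hours": off_hours[user]})
    return alerts


def _line(ts, user, action, path, nbytes):
    return f"{ts} user={user} action={action} path={path} bytes={nbytes}"


# Constructed sample logs, not real records: three normal days, then one bad night.
HISTORY = []
for day in ("2019-09-30", "2019-10-01", "2019-10-02"):
    for n in range(2):
        HISTORY.append(_line(f"{day}T10:{15 + n:02d}:00Z", "jdoe", "download", f"/hr/file{n}.xlsx", 20480))
    HISTORY.append(_line(f"{day}T14:05:00Z", "asmith", "read", "/finance/ledger.csv", 4096))
    HISTORY.append(_line(f"{day}T09:00:00Z", "jdoe", "read", "/public/handbook.pdf", 1024))

TODAY = [_line(f"2019-10-03T02:{m:02d}:00Z", "jdoe", "download", f"/hr/payroll-{m}.xlsx", 4194304)
         for m in range(0, 27, 3)]                       # nine HR downloads between 02:00 and 02:24
TODAY.append(_line("2019-10-03T14:05:00Z", "asmith", "read", "/finance/ledger.csv", 4096))

if __name__ == "__main__":
    for alert in detect(HISTORY, TODAY):
        print(alert)
```

With these inputs jdoe’s nine off-hours payroll downloads produce exactly one alert, fired at the sixth download (three times the two-per-day baseline), and asmith’s routine ledger read produces none. The baseline is per user on purpose: a payroll clerk and a developer have very different normal access to `/hr/`, and a single global threshold would either miss the clerk’s abuse or page on the developer’s first legitimate visit.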
What is a shadow IT system? Shadow IT refers to information technology systems built and used within an organization without explicit organizational approval, for example systems specified and deployed by departments other than the IT department.
Provide acceptable use policies for systems, data, communications and resources, and align security controls to those policies and procedures. IT security programs should not be the department of “No, you can’t do this!” but should instead adopt the practice of “Yes, you can, and here is how to do it securely.” IT and IT security must be business enablers. For example, innovations in braking technology have allowed vehicles to go faster, not slower. Consider how far, and how safely, your vehicle could travel without any brakes.
Successful IT and IT Security programs are built for the business, to enhance it, to enable it. In other words, business drives IT; not the other way around. IT & IT Security integrations must be forward-thinking or they themselves will become obsolete.
Want to increase your organization’s cybersecurity posture and remain compliant and competitive by avoiding impacts and regulatory violations? Complete the form below to contact our internationally recognized and highly awarded cybersecurity team to find out how.