The current threat landscape is evolving day-to-day, and with businesses operating within increasingly complex and heterogeneous networks, it has never been more critical for IT teams to protect their organisations from malicious cyber-attacks.
Cybercriminals are becoming more sophisticated in their attempts to exploit vulnerabilities, which suggests that organisations need to assess their security policies and strategies and avoid making the following security mistakes:
1. Not keeping employees ‘in the know’
Companies need to keep employees abreast of security concerns and issues, or else risk leaving themselves vulnerable, particularly to phishing and ransomware.
According to Node4 research, IT teams believe the biggest internal threat to a business is the human element – not through malicious attacks, but through errors made by employees. Though messages are being communicated and reiterated by businesses, (“don’t click this”, “don’t download that”), it’s not enough, especially as attack vectors are becoming more sophisticated.
Cybercriminals are evading protection policies by targeting the individual specifically, known as spear phishing. They are using registered domain names that appear similar to an established company, (e.g. ‘rn-test.com’ vs ‘m-test.com’ – not every employee will notice the difference). Employees with excessive information on their social media sites provide a particularly rich source of information to spear phishers and form the basis of whaling campaigns. These often involve considerable research beforehand by threat actors who scour social media to gather information about key executives at large organisations.
It’s a simple approach that doesn’t require any technical expertise or malware, and therefore the barriers to entry for this type of cybercrime are incredibly low. It’s not ok for users to just assume that a firewall will protect them from attacks. As such, companies need to put security policies in place that educate employees on the evolving threat landscape so they understand how to mitigate against threats.
2. Remaining beholden to solutions you’ve already bought
Businesses invest a lot of money in solutions that are not unified, leaving gaps in their network that make it easier for cybercriminals to exploit their vulnerabilities.
Companies should be adopting Unified Threat Management (UTM) for maximum protection against growing threat vectors. UTM solutions consolidate threat management under a single-pane-of-glass and are designed to protect users from a range of complex threats. It will often take an attack for companies to realise how insufficient existing systems are and how important it is to invest in UTM.
3. An inability to see inside network
It can take eight months for companies to realise they have been breached and, in fact, 41 per cent of IT managers do not know how many intrusions they have suffered at all (according to Node4 research).
Whether it’s using a company’s network for digital storage or picking off new credit card details as they are added, hackers typically operate under the radar. They will do their best to hide all footprints and paths through the network. So, unless you are actively looking at your network and reporting on traffic, you will not know you’re being hacked.
Companies need to remain one step ahead of the cybercriminals and therefore should be using a Security Information and Event Management (SIEM) strategy for a birds-eye view of their entire IT network (as well as UTM, as mentioned above). This will allow companies to mitigate threats as they develop, and help to inform future defence strategies.
4. Your processes just aren’t up to scratch
Today’s IT landscape is extensive. Your software, OSs, servers, phones, etc., all need to be protected. Of course, this can be very difficult to manage in itself but many IT departments aren’t making it any easier for themselves.
There have been cases where security and firewall settings have been set up by an IT employee who has since left the company or third party staff whose contract has been cancelled. As such, no one else in the organisation has knowledge of how to manage them or even how they’ve been set up.
IT departments must have security processes, documentation and clear ownership highlighted to ensure the business is not vulnerable to attack.