Threats are real
Let's face it: there are people who target your network and users with bad intentions. The threat landscape is real and ever-changing. According to the major findings section of Cisco’s 2017 Midyear Cybersecurity Report:
- Business email compromise (BEC) has become a highly lucrative threat vector for attackers. According to the Internet Crime Complaint Center (IC3), US$5.3 billion was stolen due to BEC fraud between October 2013 and December 2016. In comparison, ransomware exploits took in US$1 billion in 2016.
- Spyware that masquerades as potentially unwanted applications (PUAs) is a form of malware—and a risk that many organizations underestimate or dismiss completely. However, spyware can steal user and company information, weaken the security posture of devices, and increase malware infections. Spyware infections are also rampant. Cisco threat researchers studied three select spyware families and found that they were present in 20 percent of the 300 companies in the sample.
- The dramatic increase in cyber-attack frequency, complexity, and size over the past year suggests that the economics of hacking have turned a corner, according to Radware, a Cisco partner. Radware notes that the modern hacking community is benefiting from quick and easy access to a range of useful and low-cost resources.
- When it comes to enterprise security, cloud is the ignored dimension: Open authorization (OAuth) risk and poor management of single privileged user accounts create security gaps that adversaries can easily exploit. Malicious hackers have already moved to the cloud and are working relentlessly to breach corporate cloud environments, according to Cisco threat researchers.
- In late 2016, Cisco threat researchers discovered and reported three remote code-execution vulnerabilities in Memcached servers. A scan of the Internet a few months later revealed that 79 percent of the nearly 110,000 exposed Memcached servers previously identified were still vulnerable to the three vulnerabilities because they had not been patched.
What you should know
Setting aside the nasty hackers, your users pose the biggest threat to your network and systems. A comprehensive cybersecurity practice will significantly decrease your chances of a malicious attack, virus or user error.
- No patch/update plan
- No USB lock/control
- Inadequate firewall protection
- Inadequate anti-virus protection
- Poor password management
- Disabled System Locks
- Excess Access
- Insufficient user tracking
- Lack of identity access management
- Unsecured wireless access points
- No change management policies
All aboard. Implementing a cybersecurity practice requires an ongoing, corporate-wide commitment with clearly defined objectives.
What you can do
Implement a cybersecurity practice
Flows: It is impossible to build a practice without an understanding of the flow of information to and from internal/domain users and external users. A data flow document connecting all the dots is a helpful guide.
Assessment: With all the moving parts of IT, it can be difficult to determine what is and isn't working. Are the best practices in place? What areas require immediate attention? Do I have deep visibility into IT assets? A network or site assessment report is needed for the design of your layered security practice.
The abbreviated Design step segments the IT environment into seven (7) layers: Users, PCs, Servers, Network, Mail Systems, Mobile Devices and Cloud.
Users - Action Items
- Password Policy
- Identity Access Management
- Phishing Awareness
PCs (Desktop/Laptop) - Action Items
Servers - Action Items
Network - Action Items
Mail System - Action Items
Mobile Devices - Action Items
Cloud - Action Items
The 3rd step is implementation.