Cybersecurity experts are in agreement: enterprises simply cannot afford to skip investing in protections that safeguard their networks, systems and data. But with budgets straining, even as attacks are more prolific and powerful than ever, they need security that doesn’t break the bank. Fortunately, there are several steps enterprises can take to cost-effectively bolster their cybersecurity.
In 2017, there were plenty of high-profile attacks to put people on edge. Millions of records have reportedly been stolen in ransom and extortion attempts. Who can forget WannaCry, the massive cyberattack in mid-May that spread around the world in days, crippling businesses in 150 countries by hijacking more than 230,000 computers, locking up data and demanding money to set them free? The attack used ransomware, a type of malware that encrypts data until you pay a ransom. Then there were other ransomware attacks like Petya and NotPetya. And of course, there’s always the steady drumbeat of viruses and distributed denial of service (DDoS) attacks.
Ransomware attacks are increasing in both frequency and sophistication. Also increasing is the damage that cyberattacks cause, which several industry studies indicate is in the trillions of dollars annually, even as businesses struggle to find the money and experts to shore up their defenses.
Budget deficiencies have been a constant refrain for CISOs, CIOs and IT administrators. In ISACA’s annual State of Cyber Security 2017 report, only 50 percent of survey participants indicated expected budget growth, compared to 61 percent in 2016. The survey also found that applicable cybersecurity talent can be hard to come by. Almost 27 percent of respondents said they’ve been unable to fill open security positions, with another 14 percent unsure whether they could fill the open positions at all.
There are best practices enterprises should implement, regardless of their budget and/or staffing challenges, to mitigate cyberattacks. For starters, educate your end users on the dangers and on best practices to prevent infections, and regularly back up and encrypt important files. Also, educate yourself on the ransomware attack vectors. Implement a security strategy that starts at the network level. And finally, consider partnering with a security company that regularly upgrades its tools for earlier detection, consistently monitors for threats and attacks seen in the wild, and updates its products accordingly to block attacks before they do any damage.
Keep Employees Up to Date
Simply educating users on best practices can go a long way towards securing systems. Much of the advice is common sense, but it still should be spelled out regularly for them. For example, remind users to never open attachments or click on a link in an email or in a chat message unless the sender is trustworthy. To drive home the point, let them know that according to Symantec’s 2017 Internet Security Report, 1 in 131 emails worldwide contain malicious data -- the highest it’s been in five years -- and these emails have a 30 percent open rate. So, teach your employees how to spot suspicious activity. Fake webpages and emails often have incorrect or odd spellings or unusual spaces, symbols or punctuation. Teach them to trash emails that look like spam. Better yet, show them how to inspect email headers if they’re unsure of the sender. Training and security reminders should be done periodically, and company-wide alerts should go out whenever there are concerns.
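As an added illustration of the header inspection suggested above (example code written for this article, not taken from any vendor or report), the Python sketch below flags the header signals a trained user or help desk would look for: a Return-Path or Reply-To domain that differs from the From domain, and SPF, DKIM or DMARC results other than "pass". The sample message and every domain in it are constructed placeholders.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample message (not a real email); all domains are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: "IT Help Desk" <helpdesk@example.com>
Reply-To: helpdesk@examp1e-support.test
Subject: Password expires today
To: user@example.com

Click the link to keep your account active.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def inspect_headers(raw):
    """Return a list of warnings for one raw message.

    These are hints for a human reviewer, not a verdict: legitimate bulk
    mailers often use a different Return-Path domain, and the
    Authentication-Results header is only meaningful when it was added by
    your own receiving mail server.
    """
    msg = email.message_from_string(raw)
    warnings = []
    from_dom = domain_of(msg["From"])
    for name in ("Return-Path", "Reply-To"):
        other = domain_of(msg[name])
        if other and other != from_dom:
            warnings.append(f"{name} domain {other} differs from From domain {from_dom}")
    auth = msg.get("Authentication-Results")
    if auth is None:
        warnings.append("no Authentication-Results header")
    else:
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()):
            if result != "pass":
                warnings.append(f"{mech} result is {result}")
    return warnings

if __name__ == "__main__":
    for line in inspect_headers(SAMPLE):
        print("WARNING:", line)
```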
Keep Systems Up to Date
System backups must be done regularly, and make sure to verify the integrity of those backups. Also, run through the restoration process to confirm that it’s working properly. Make sure your backups, whether stored in the cloud or offline in physical systems, are secure. In some cases, ransomware can impact cloud-based backups, particularly those that rely on persistent synchronization.
Systems and apps must have all the latest patches to avoid exploits that rely on outdated code. This was how WannaCry did its damage. Through the EternalBlue exploit, allegedly developed by the U.S. National Security Agency (NSA) and leaked online by cybercriminal syndicate The Shadow Brokers, it spread like a worm through networks with unpatched Microsoft Windows machines. Fact is, those vulnerable machines could have been protected. Microsoft had issued a critical patch on March 14, 2017, yet many IT organizations had not updated their vulnerable systems when the attack began.
Start at the Network
A good data security strategy begins at the network level to prevent unauthorized users from accessing your assets. Network perimeters must be protected (and don’t forget endpoints, like laptops, phones and tablets). A high-quality firewall is critical here. As a first line of defense, a firewall manages data flows by establishing concrete rules for allowing or blocking incoming traffic, and keeps unwanted files from breaching your network and compromising your assets. And look for next-generation firewalls that feature application control, which enables administrators to dictate precisely who can access network-based applications, preventing unauthorized users from compromising sensitive information and assets.
Also, consider some network segmentation strategies. Employees using their own devices (BYOD) can introduce threats from outside your network. Additionally, IoT devices may carry firmware vulnerabilities. Keep BYOD and IoT devices quarantined on their own network segment.
And if you can, layer on intrusion prevention capabilities. Intrusion prevention can help spot suspicious network activity and alert administrators before real damage is done. Vendors that offer cloud-based integrated threat intelligence services and next-generation firewalls can monitor for malevolent and suspicious activity, and can manage updates to ensure systems are up to date. Threat intelligence adds a dynamic component to your antivirus posture, enabling real-time threat data to be analyzed so that viruses never reach your network.
Select the Right Solution
When budgets are stagnant and resources are slim, enterprises can turn to affordable, all-in-one solutions that handle all the network security, monitoring and control tasks. Enterprises have to be ready to handle cybersecurity attacks; even in the face of tight budgets and insufficient resources, they could be the target of a ransomware attack. By implementing best practices, consistently and correctly following them, and by leveraging best-of-breed security tools, companies can greatly reduce the chance that they’ll ever become victims of such attacks.