Date: 2022-12-21

New research published in November revealed that the severity of inbound cyberthreats increased during holiday months.

The findings, from our Barracuda XDR team's Global Security Operations Center, suggest that cyberattackers may take advantage of IT security professionals being away from the workplace to launch more complex, higher risk attacks -- possibly in the hope that understaffed security departments are less likely to be monitoring the network for threats or equipped to deal with any crisis.

As the annual festive season gets underway, what can IT security teams put in place to maximise their defences until they return?

A clean desk policy applied to devices too

It may help to provide employees with a pre-holiday security checklist, one that includes cyber-hygiene essentials like logging out of corporate applications, backing up their work, and ensuring their patches and antivirus software are up to date.

Support your staff

The holiday period can be a bonanza for phishing, so ensure that employees, especially those who use personal devices for work or connect work devices to home networks, know the signs to look out for and how to report a suspicious email.

Close easy attack paths

Unpatched software vulnerabilities can be an open door for threat actors, giving them an easy attack path into your network and even the opportunity to install a backdoor for long-term persistence, long before you even know the intruders are there. Before you wrap up for the year, make a list of any critical or easy-to-exploit updates and patches needed and install them.

Tighten up identity security

Strong identity management policies should be a priority ahead of the next holiday season if you don’t already have them in place. Follow the least privilege approach to system access as this will significantly help reduce the attack surface available to attackers. You should also be sure to revoke access for seasonal workers and contractors as soon as their contracts expire to avoid these accounts being exploited.

Implementing multi-factor authentication (MFA) should also be at the top of your list. The additional layer of security will stop most common cybercriminals in their tracks and will go a long way to improve your security standing. To be truly effective, MFA needs to be applied across all applications and systems to ensure it can’t easily be bypassed by threat actors.

Follow a framework

Following an established security standard, such as NIST's Cybersecurity Framework in the US, is a useful way of ensuring you cover the most important areas. Frameworks can help you more easily gain visibility of best practices and benchmark your performance against industry peers. In the UK, it is worth checking best practice guidelines and checklists with the National Cyber Security Centre (NCSC).

Round-the-clock monitoring is a must

Alongside making it harder for criminals to exploit a workforce that may be distracted or depleted during the holiday season, you also need the right tools to harden your network and detect and prevent threats, regardless of when they emerge.

Network segmentation, which divides the IT environment into separate sealed sections, is an effective way of stopping unwelcome guests from freely moving through your systems.

An Extended Endpoint Detection and Response (XDR) solution with complete visibility across your entire IT infrastructure will help detect signs of an attempted intrusion into your network.

Alongside this, a 24/7 Security Operations Centre (SOC) will ensure that there are always trained security professionals on hand to monitor, detect and respond to any emerging cyber threats. If you don't have the resources to support this in-house, there are third-party SOC-as-a-Service offerings available.

Happy holidays

Cyberthreats never go away, and threat actors often target potential victims at a time when they might be vulnerable -- during the night, at the weekend, and over the holidays. But by taking the right precautions and ensuring any holiday hacking attempts will be both detected and remediated, you can rest easy knowing your network will be well protected.

John Flatley is consulting solutions engineer -- email protection EMEA at Barracuda.


