Preventing Havoc

A recent article published by Aruba Networks pinpointed that companies with a focus on cyber hygiene and security basics prevent more attacks and find intrusions faster. To master this – it starts with getting the security basics right.

​

In 2020, nation-state attackers compromised as many as 18,000 companies by inserting malware into an update from remote management vendor SolarWinds. As many as 30,000 organizations early this year have suffered an attack through zero-day vulnerabilities in Microsoft Exchange.

​

Cyber hygiene and consistently stressing security basics remain the most important practices for companies, boosting their ability to detect attackers who get inside their networks and systems.

​

“I would contend that about 95 percent of the exploits that are used by nation-state actors and high-end criminal groups are not using zero days but just [exploiting victims who leave] the doors open for the attackers,” says Gregory Touhill, a director on the board of the Information Systems Audit and Control Association (ISACA) and a professor of cybersecurity at Carnegie Mellon University. He argues that closing the front door to the network by patching and applying good configuration management and other measures will have the greatest long-term impact. Why would attackers use high-value attack techniques when they can just walk in the unlocked back door?

The stats bear this out. Companies with leading cybersecurity programs are four times better at stopping attacks and finding breaches, three times better at responding to breaches, and two times better at reducing the impact of a breach, according to Accenture’s State of Cyber Resilience report.

​

“You want complete visibility and consistency, developing the right operating model for network and endpoint, and, for access, understanding how to use least privilege to lock down the cloud services and network components,” says Rob Boyce, North America cyber defense lead at Accenture Security.

Sophisticated and large-scale attacks will always stand out, but boring, day-to-day security measures are key to minimizing risks.

​

Here are the basics, broken down into three typical categories: people, process, and technology.

​

People: Principles, awareness, strong passwords

​

Your employees are your organization’s first lines of defense. Teaching them about best practices, using a password manager, multi-factor authentication, and to be suspicious of each and every email. Investing the proper training in your people goes a long way toward keeping your company safe.

Process: Protect assets, financial transactions, data

Knowing what assets are critical and how to protect them is key to securing your organization. Companies who maintain a census of these assets can properly keep each of them patched and determine the appropriate controls for each category of the assets. Backing up the most important data and running regular exercises to verify restoration is the first line of protection for your organization. Your restoration process should be as painless as possible. There are cases where companies have paid ransoms even when they have backups because the process of restoring their data takes too much time.

​

Technology: Identity, endpoint, cloud service protection

​

Remote work is another reason why organizations should plan to adopt a zero trust architecture. The focus of zero trust is to start with the assumption that any device may be compromised and verify that the device is clean and then keep watch for abnormal behavior. An identity infrastructure is the first requirement for zero trust. Users and devices are discrete entities that are monitored for changes in behavior. If a device suddenly connects from a new location or someone accesses a resource for the first time, that should trigger additional security checks. Multifactor authentication helps in preventing attacks with stolen credentials. In addition, device management software ensure devices are up to date and configured correctly. Endpoint detection and response lets you manage remote devices and respond to incidents from afar. The more that automation is built into the systems, the faster the security team can respond to potential breaches.

​

How we help

​

In today’s digital era, it’s important for organizations to focus on how to keep sensitive data safe. At VoDaVi, we see first-hand how network security is a moving target and recognize the importance of constantly monitoring and maintaining systems to ensure smooth business operations. 

​

Our IT solutions and Managed Services carve the path for organizations to modernize infrastructure and optimize workflow like never before. This service provides a wide variety of technological capabilities to boost efficiencies, enhance security and allow infinite scalability for future growth. With this resource and our expertise, we’ll help maximize your organization’s productivity. Give us a call at (866) 896 – 1777, or fill our our contact form to learn how we can partner with your organization!