Tackling 2019’s scariest cybercrime tricks with adaptive, layered security
Since no organization can possibly protect against 100% of cybersecurity threats 100% of the time, an adaptive and layered security approach can help create a feedback loop of threat visibility, detection and prevention that consistently becomes more effective.
In our digital world, security risks come in all shapes and sizes and wield varying levels of potential damage. If you weren’t already convinced that cybersecurity threats are getting more frightening each year, here are some startling stats to consider:
- Americans are more worried about cybercrime than violent crimes—including terrorism, being murdered, and being sexually assaulted (Gallup)
- The annual cost of cybercrime damages is expected to hit $6 trillion by 2021 (Cybersecurity Ventures)
- In the past 12 months, there has been a 235% increase in cyberattacks on corporate targets (Malwarebytes)
- In August 2019 alone, 114.6 million records were leaked from 95 total incidents, which is the highest number of breaches we’ve had all year (IT Governance)
- In most cases, it takes companies about 6 months to detect a data breach (ZDNet)
- 43% of cyberattacks are targeted at small businesses (Small Business Trends)
- The average cost of a data breach for organizations worldwide is $3.6 million and rising (Ponemon Institute)
Traditional security methods of the past included antivirus software, intrusion detection systems (IDS), intrusion prevention systems (IPS) and firewalls. These approaches are no longer enough because mobility, cloud and IoT trends have dissolved the network perimeter and environments are no longer static.
Adaptive security analyzes behaviors and events to protect against and adapt to threats before they happen. With an adaptive security architecture, an organization can continuously assess risk and automatically apply proportional enforcement that can be dialed up or down as needed.
Rather than just examining log files, monitoring checkpoints and responding to alerts, adaptive security software uses heuristics to study patterns. When done right, adaptive security helps you prevent an attack from occurring and respond to a breach within milliseconds.
The following list provides a high-level outline of the layered security best practices and adaptive technologies your organization should be adding on top of traditional network defenses to ward off today’s most dubious cybercriminals.
- It’s vital to have the latest endpoint protection platform (EPP) deployed on user devices to prevent file-based malware attacks, detect malicious activity and provide the investigation and remediation capabilities necessary to respond to dynamic security incidents and alerts.
- Anti-virus and anti-malware tools are a popular and well-recognized type of endpoint security. They protect enterprises against signature-based attacks and scan files for malicious threats by checking them against threat intelligence databases. But remember, antivirus solutions often prove limited in defending against newer and more advanced cyber threats, so this solution definitely needs the layered support of other defenses.
- A continuous adaptive risk and trust framework is needed to protect inboxes from exposure to increasingly sophisticated threats. Large-scale migration of email to the cloud requires a strategic shift in how organizations secure this channel. Email security software can provide the prediction, prevention, detection and response framework you need to provide access and attack protection for email.
- Identify and secure unmanaged devices. To help protect against a myriad of threats, scan your network, then patch any unsecured machines, including potential blind spots like Internet of Things devices, and make sure everything has the latest endpoint protection.
- Focus on patching known vulnerabilities. They are the low-hanging fruit for attackers, and failure to address them could lead to an explosion of malware across your network after a successful penetration.
- Limit what your staff has access to. The principle of ‘least privilege access’ should apply to all IT systems. Only provide staff with the minimum access they need to do their roles.
- Apply protection directly to sensitive data with encryption. Then, even if the perimeter is breached, you can be sure that your information remains secure, no matter where it resides.
- Use Data Loss Prevention (DLP) to prevent confidential data from falling into the wrong hands by providing visibility into what data is leaving the organization and enforcing protection policies to prevent illegal access to data.
Monitoring and Response
- Perform regular vulnerability assessments. Major changes to the enterprise IT environment, including cloud computing, big data, and the Internet of Things (IoT), make hunting for vulnerabilities increasingly difficult, as security teams are chasing an ever-growing list of technologies and software, as well as an exploding amount of their customers’ and employees’ sensitive data. If you lack the manpower and resources necessary to carry out regular assessments, scans and remediation activities, consider hiring an expert threat and vulnerability management service provider.
- Cyber Security Monitoring is a critical element of cyber risk management that enables you to detect cyberattacks at their early stages and escalate threats for remediation before they can cause damage to your business.
- Create a series of well-managed data backups. These will allow you to recover from user mistakes and encrypted files. Make sure you regularly test your backups.
- Use failsafe mechanisms to avoid a disaster if and when things go wrong. Sandboxing, browser isolation and mirror shielding technology can help you isolate and quickly recover from any mistakes users make, whether it be a zero-day threat or accidentally opening a malicious file.
- Comply with data protection regulations. The best way to ensure compliance is by creating a data security policy that keeps data safe from risks both inside and outside of the company.
- Make sure you have a comprehensive security awareness training program in place. If you can stop an employee from opening a malicious file or link in the first place, then malware will struggle to find a foothold on your network. Also, staff should be wary of unsolicited emails, particularly those that ask for a prompt response or sensitive information.
- Deep learning can be a valuable tool in the fight against attacks. To combat a foe that’s constantly evolving, you want your defenses to do the same.
- Keep an eye out for innovative solutions. Cybercriminals keep gaining ground because they are willing to innovate. As a result, cybersecurity is not something that you can set once and forget. There are potentially game-changing solutions in development, like blockchain-based database protection, that deserve consideration as attack vectors evolve and these new technologies prove themselves enterprise-ready.
Effective adaptive security requires robust solutions that incorporate a variety of features and security measures for predicting threats and ensuring comprehensive network and endpoint protection. There is no single system or process in adaptive security. It is a multi-level, 24/7 monitoring system that is designed to evolve as cyberthreats and attacks become more sophisticated and complex.
Many businesses make the mistake of tapping into security technology when they don’t have the right staff to manage it. If you don’t have the budget to hire full-time security staff or your current staff is busy keeping day-to-day business operations running smoothly, seek advice from a trusted security advisor. Most companies agree that having an expert on call, who can lead them through tough security decisions in an ever-changing landscape, is key to their ongoing cybersecurity success.
Andy Pashby, CEO of Landmark Builders, explains, “As attackers get smarter, so must our defenses. We can’t afford to take a wait-and-see approach. Using a trusted security partner allows us to just focus on revenue-generating activities instead of worrying about the latest cybersecurity threat. While there aren’t any silver bullet solutions that will completely eradicate any and all cyberthreats, I feel better knowing we have a multi-layered approach to security if things do go wrong.”
Taking a proactive approach to security enables enterprises to more readily adapt to the changing threat landscape and initiate rapid incident response measures to halt breaches before they can expose sensitive data – or better, before they gain access at all.
(Part one of this two-part article can be viewed here).