The latest entry in a never-ending series of data breaches comes courtesy of popular internet platform Reddit. The company revealed that a hacker was able to access usernames, passwords, and email addresses by intercepting SMS two-factor authentication.
It's sad to say, but “giant company suffers massive data breach” has become all too commonplace in our news feeds — to the point that too many organisations are tuning out important lessons. So let’s get a little more personal.
Imagine a business leader who relies on two-factor authentication with SMS to protect his personal and corporate accounts. Unbeknownst to him, a threat actor phishes the executive’s phone number from overseas via a technique called SMiShing. Like email phishing attacks, SMiShing uses text messages to trick users into providing personal information such as passwords or usernames.
The attacker then determines the mobile carrier and transfers the phone number to a different global carrier. Then, he uses the phone number to authenticate password resets and eventually gain access to personal and corporate data.
Think that sounds far-fetched? I’ve witnessed this exact situation — or at least the ugly aftermath. The amount of time, money, and effort it took to help this individual recover data and regain access to his accounts and device could have all been avoided if not for an outdated cybersecurity recommendation.
Of course, all organisations must weigh risk and reward. Using two-factor authentication with SMS is better than not using two-factor at all, for instance. No amount of security will mitigate 100 percent of threats, but business and IT leaders must work together to determine which security controls are necessary, affordable, and worth the time to mitigate risks without hampering productivity and efficiency.
Emergent threats and evolving defences
Recent years have seen a much-needed systemic shift from away from the “set it and forget it” mentality. Historically, a firewall was installed, configured, and forgotten. According to the National Vulnerability Database, most firewalls have had at least two critical vulnerabilities in the past year. Like firewalls, IT teams must routinely check security policies to ensure new threats cannot exploit older weaknesses. Because most technology departments lack the bandwidth or experience necessary, managed security services have become increasingly commonplace.
The solutions you implement should complement the structure and working environment of your business, as needs change based on whether your employees work on-site or remotely. Either way, common-sense strategies and affordable tools can protect your business from a host of cyberthreats. Start with these five steps to improve your cybersecurity posture:
Use the power of the cloud to combat threats
The key to effective security is simply knowledge — knowing what your employees and organisation are doing is the key to proper security. The cloud has become a helpful resource in this sense due to the numerous privacy controls it offers to streamline protection across devices and corporate identities.
Cloud app security services are able to identify applications and services used by all devices on your network, allowing you to know exactly what users are doing on your network. With appropriate security in place, companies are able to investigate early and prevent breaches that could otherwise go unnoticed for months.
Create defence with a unified threat management system
There are a number of vectors that can leave an organisation vulnerable to cyberattacks, data compromise, or data loss: website visits, endpoint vulnerabilities, email phishing, and user error, to name a few. Adopt a defence-in-depth approach that deploys a holistic strategy via several tools, including cloud web filtering, endpoint protection, and unified threat management (UTM).
UTM can be tailored to your company’s needs, but it generally incorporates features such as a next-generation firewall, anti-virus, intrusion detection, web filtering, and protection against spam and spyware. A UTM system provides a more centralised approach to security management and superior protection while reducing associated installation and upkeep costs.
Invest in skilled IT staff and partners
To stay on top of potential threats, companies must invest in their cybersecurity capabilities. One of the most important priorities is designating specific IT personnel to manage security and data protection. This means individuals who have the certifications, knowledge, and capacity to truly understand the complexity of data protection, legal requirements, and technical controls. Tasking a system admin with cybersecurity — among a long list of other duties — will not cut it.
IT staff members often juggle more responsibilities than there are hours in the day, but a hybridised or fully outsourced IT model can help them stay on top of these endless obligations. If you take this route, make sure any partner you choose has the right skill set, certifications, and experience.
Insiders still pose a significant threat to your sensitive information — whether malicious or unintentional. According to the Verizon "2018 Data Breach Investigations Report," more than one-fourth of attacks involved insiders.
Foster a workplace culture that prioritises data protection, reinforces safe practices, and teaches employees how to identify common phishing schemes and dangerous downloads. Find engaging and interactive ways of teaching team members about cybersecurity. Consider incorporating your marketing team to leverage social and internal communications platforms to get security tips and information out in a visual and fun way. Some businesses are even going as far as phishing their own employees.
Create a thorough business continuity plan
A proactive framework includes a recovery and business continuity plan that ensures you can get your business back up and running if you do fall victim to an attack. This plan should include data backup and disaster recovery in addition to an executive-level strategy involving cybersecurity policies, insurance requirements, regulatory responses, and even public relations.
Cybersecurity is no longer about building a firewall and sporadically running antivirus. For optimal outcomes, organisations need an innovative defence-in-depth strategy with the resources to manage it all. The above five steps are a good place to start. Cyber threats are constantly changing, which means defences must evolve even faster. If security is top of mind, you’re headed in the right direction.
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.