We have come a long way since 1971. That was the year ARPANET, or the internet at its earlier form, was invaded by the Creeper virus. It replicated itself and spread around to other systems. The most damage it did was display random messages back to users.
If only things were still so simple. ARPANET eventually evolved into our modern version of the internet. With that came the Cloud, IoT devices, and other changes IT professionals could never have imagined back in those early days. Organizations must now deal with a more extensive array of challenges when it comes to network security.
A failure to prepare network components for the inevitable possibility of breaches can lead to catastrophic financial losses. The most recent Cyber Incident & Breach Trends Report revealed that businesses suffered 45 billion dollars in losses due to cybercrimes.
Let’s look at some sound cybersecurity practices for organizations looking to not only protect their network and sensitive data therein, but also their bottom line.
1. Enable Full Network Visibility
How can your organization make improvements if you can’t get a clear look at the current state of your IT architecture? Corresponding security updates must accompany any digital transformations your company is looking to integrate.
You need to understand how many of your applications are on-premise or cloud-based. Better visibility helps you see your dependencies and map out the local or company-wide impacts of any proposed changes.
IT architects can see how data flows, where things come to a standstill (bottlenecks) and areas not accounted for in current security protocols. Better visibility and network security monitoring increases your odds of stopping attacks coming from inside and outside of the company.
2. Implement Backup and Recovery
Backing up data should be an organization’s top priority to protect themselves in case of a catastrophe. Failing to backup data can leave your company vulnerable in the wake of a ransomware attack. The impact can be particularly devastating for small and medium-sized businesses (SMBs). Backing up data can allow companies to gain access to a clean copy of the information and continue their regular business functions.
Many organizations are looking into the benefits of full packet capture tools. They allow engineers to monitor network traffic and concentrate on the most valuable data assets. A robust packet capture system assists companies when they need to investigate the origins of data breaches.
It is also a good idea to automate backups instead of doing it manually. You avoid leaving your organization exposed in case an employee leaves or fails to fully complete the process. Many automated backup tools also provide reports letting you see where something may have failed, allowing you to address it before it becomes a security issue.
3. Monitor User Permissions
Many businesses also make the mistake of focusing only on outside threats. Some of the most massive security breaches in recent history started within a company or from one of their vendors. The Identity Theft Resource Center (ITRC) reported that the leading cause of the most lost records in breaches in March 2019 alone was “employee error / negligence” with 2,313,460 records breached or 69.6% of the exposed records that month were a result of an internal cause.
Are you in the healthcare industry? Pay attention closely to this one. Fifty-eight percent of healthcare systems breach attempts involve inside actors, which makes this the leading industry for insider threats today according to Verizon’s 2018 Protected Health Information Data Breach Report (PHIDBR).
It is a good idea for a business to follow the principle of least privilege (POLP) principle. Give users only as much access as they need, and no more. Any individual permissions granted should be carefully monitored. That access should be revoked once the business need is gone.
4. Create Bring Your Own Device (BYOD) Policies
BYOD adoption can bring additional pain points for security engineers. Thirty percent of IT experts surveyed by Bitglass raised concerns around data leakage, unauthorized data access, and the potential to expand shadow IT. External devices can also expose networks to a virus.
IT leaders can help ensure the security of BYOD devices by accounting for the following in their policies:
· Make sure the personal device is necessary for work
· Force employees to implement vital device updates
· Make sure BYOD policies get communicated regularly
· Implement effective enforcement measures of BYOD protocols
5. Keep Track of Third-Party Users
Many businesses rely on third party vendors and other partnerships for processes like taking card payments online or over the phone. Better privileged access management (PAM) policies that account for how vendors access your system can help prevent hacks and steal data.
A recent third-party breach example (among many headlines) was in January of this year when a misconfigured server of a third-party vendor exposed millions of bank loan and mortgage documents that belonged to Ascension, a Texas-based data and analytics company for the financial industry. The documents contained sensitive information for many major financial institutions including CitiFinancial, HSBC Life Insurance, Wells Fargo, and some U.S. federal departments.
Make sure contractors from outside companies get the same scrutiny as your employees. Investigate the background of anyone who will be accessing sensitive information and make sure they receive full training on your security protocols. Make sure you have tracking in place to monitor their movements around your systems.
6. Make Context-Aware AI Part of Your Network Security
Cybercriminals continue to evolve their techniques and adapt to your current security baselines. Having network security technology capable of adapting to their changes can be the difference-maker in keeping out security threats.
MixMode is a third-wave context-aware AI that gives you an adaptable defense against hackers. Our network security tools provide you with real-time threat detection, clear line of sight into network visibility, and a comprehensive set of network investigation tools.
Learn more about how you can incorporate MixMode’s AI Cybersecurity suite into your organization by scheduling a demo.