There are many factors to consider when you plan your company’s cybersecurity infrastructure. Choosing between convenience and protection, creating policy and understanding how attacks happen all play into these decisions. In this week’s Tips and Tricks we cover these topics as we prepare for our cybersecurity webinar on Thursday, May 13th with SKOUT Cybersecurity.
SECURITY vs. CONVENIENCE
When it comes to IT security, there is a balance between how tight the controls are and how usable the system is. Some companies, especially smaller ones, resist additional security due to fear of change, lack of understanding, or not wanting to deal with the inconvenience. The fact that cybersecurity has never been an issue before doesn’t mean that it won’t be in the future. In fact, most cyber attacks today occur within the SMB environment.
Examples of IT convenience include:
- No internal firewall in use
- Unrestricted logon hours
- Unlimited access to the internet
In contrast, examples of IT security include:
- Strict control of internal PC firewalls and traffic between workstations
- Logon to PCs is restricted to working hours
- Controls and software that limit which applications can be installed
- Internet/email threat awareness training
- Physical access control
Eventually, companies need to take some steps towards security to mitigate the risk of phishing, ransomware or other cyber attacks.
HOW DO CYBER ATTACKS HAPPEN?
There are four main steps that a malicious actor takes to gain access to your network: reconnaissance, attack, expansion and obfuscation.
- Reconnaissance: Hackers will research information about the target company and search for network vulnerabilities. In this step, attackers gather network information, IP addresses, domain names and personal information of key employees. The process of identifying vulnerabilities may take months and involves a lot of trial and error.
- Attack: Attackers will then enter the corporate network by gaining elevated access. They use tools to steal credentials from high level employees, which grants them administrator privileges and easy access to the entire network. At this point they steal sensitive information, encrypt it or sell it on the internet. They may also infect the network with a virus.
- Expansion: Next, hackers attack every system on the network with the help of malicious programs. They do this so that they can continue to infiltrate the network without needing admin privileges.
- Obfuscation: Last, attackers will hide their tracks to mask the origins of the attack and confuse forensic experts. Their tactics may include spoofing, log cleaning, zombied accounts or trojan commands.
PREVENTING CYBER ATTACKS
The first step to preventing attacks is to understand the motive behind them. Most often, attackers seek financial gain. Other motives include damaging an organization’s reputation, spreading fear through cyber terrorism and distracting authorities from more dangerous attacks.
Cybersecurity efforts should include:
- Testing the network and systems for vulnerabilities
- Installing firewalls and antivirus software
- Adopting multi-factor authentication
- Implementing intrusion prevention technology
- Encrypting your company’s data
- Training employees
To learn more about today’s cybersecurity environment and ways to be protected, join us on Thursday, May 13th at 2:00 PM EDT for a special webinar with SKOUT Cybersecurity, “Protecting Your Business Against Cybersecurity Threats.”