Rob Shapland shares below the Top 5 Cyber Security Mistakes organisations are making today.
1. Not using Multi-Factor Authentication (MFA) everywhere
Too many businesses forget to do the basics. Every internet-facing login page that you operate must have multi-factor authentication, without exception. It’s just too easy for cybercriminals to use phishing or password guessing to break in without it.
Since the pandemic, every organisation needs to provide access to their files and emails over the internet, giving hackers a huge choice of targets. Most obviously your VPN and email must use MFA, but don’t forget about other login pages, SaaS and other apps you may use, such as:
- Corporate social media accounts
- CRM applications
- SSL VPNs
- HR apps
- File transfer services (e.g. Dropbox, Sharefile)
- AWS/Azure administration
2. Assuming anti-virus is enough
It’s fair to assume that companies that have been successfully hit by ransomware attacks such as the US Colonial Pipeline, FatFace and Merck would have had anti-virus software on their servers and laptops. So why were they successfully infected?
Anti-virus, while still useful, is not enough to prevent modern-day threats. This new breed of attack requires a more advanced toolset, with a Managed Endpoint Detection and Response service (M-EDR) leading the way, combining AI with skilled human analysts to identify and remediate threats quickly and efficiently. Ensure that this is installed across all your endpoints.
3. Relying on Protection over Detection
A sufficiently skilled and motivated hacker will be able to breach your perimeter. Whether it’s a particularly clever phishing attack targeting an employee, or a zero-day vulnerability targeting your internet-facing VPN, at some point there will be a way in.
However, once inside, a cybercriminal has to perform certain actions – they most likely want to either steal data or run ransomware, and these require certain steps to be performed. A Managed Detection and Response (MDR or XDR) service, such as Falanx Cyber’s Triarii service, uses AI combined with human analysts in order to detect these tell-tale signs before the hacker can do any damage.
4. Not ensuring your backups are secure and fit for purpose
Ransomware is the greatest cyber security threat to the continuation of your business.
Imagine a scenario where all your data is encrypted, and then your data backups are found and destroyed by the cybercriminals. This is a scenario facing many businesses, forcing them to pay ransom fees of six or seven figures to retrieve their data.
Modern backup solutions are often connected to the same network, or use a cloud interface, that a skilled hacker can reach using a username and password stolen from your network, to which they already have access by this point. This allows them to destroy those backups, ensuring that you pay the ransom fee. Even if the backups are safe from tampering by hackers, in many cases organisations do not back up all their data or have not tested a full restoration. This has led to many cases where companies have paid the ransom fee simply because it is still cheaper than the whole company being unable to work for weeks while they scramble to restore data from a poorly implemented and untested backup solution.
It’s extremely important that your backups are safely separated from hackers that have access to your network, that they cover all the data that you would need to restore, and that the process is thoroughly tested.
5. Relying on e-learning for staff training
Your staff are your most important asset in protecting against cyber attacks, as the majority of attacks will use some form of social engineering, usually phishing.
Although e-learning has its place, in practice most staff don’t really engage in this style of training. They’ll generally half-heartedly read through it and watch the videos, answer the quiz questions at the end and then forget about it very quickly afterwards.
I strongly believe that face-to-face training is a much better solution, ensuring staff are engaged and not reading emails or responding to messages while they are learning. The training of course needs to be engaging and entertaining, which is why our Cyber Security Awareness Training is based around stories from our real-world experience of breaking into companies all over the world.
From my experience, people not involved in cyber security often don’t appreciate just how important a role they play in protecting the company. For example, our Cyber Security Awareness Training explains how an attacker can use your Instagram profile to design a spear phishing attack that tricks you into opening an attachment, which runs ransomware that then costs the business millions. With an experienced trainer explaining this to your employees in simple, relatable terms, you turn your staff into a highly effective extra layer of security.
Contact us now for more information on how Falanx Cyber can help ensure you spend your time and budget effectively to minimise the risk of a successful cyber attack.