Cyberthreats are becoming an increasingly worrisome problem for organizations all over the world. In January 2021 alone, we witnessed nine serious DDoS attacks targeting educational and government institutions.
Most companies hesitate to take a proactive approach and instead focus on improving security only after an attack has already occurred.
According to the 2020 Cybersecurity Report from Accenture, a more proactive security strategy would help organizations suffer fewer breaches, detect security events faster, and effectively reduce attack damage.
Companies that fail to jump on this trend will expose their systems to cybersecurity threats and lose their competitive advantage.
Why should organizations get more proactive about their cybersecurity postures? And how can they get started?
Why should enterprises take data security seriously?
This one is simple. Enterprises gather, process, and generate tons of sensitive and confidential data. It’s their responsibility to secure this data using all possible measures. Otherwise, they risk losing their reputation and customer trust.
Let’s not forget that in today’s economic reality, data is one of the most precious assets. There’s a reason why companies like Google or Facebook are tech giants today. They gather data and sell it to businesses in the form of targeted advertising.
But let’s return to the main point. Data is a crucial asset - what does that mean? Your organization is the sole owner of any information about your business, including:
products or services you offer,
business plans and objectives,
information about your customers.
You need this data to improve your business processes, mitigate risk, optimize revenue and build meaningful relationships with customers. That’s why you need to keep it secure and confidential.
This is also a matter of reputation. Consumers know that companies collect data about them. And they’re fine with it if they get value in return - for example, a personalized experience with a product.
Even when buying small items, customers trust you with their sensitive information. Keep their trust by building a strong security posture to avoid any accidental security breaches.
It’s more than just money at stake here - it’s your reputation. Building trust and reputation around a business takes years - a breach can destroy it in a few seconds.
Emerging trends in data security
1. Internet-facing vulnerabilities
Any network that is connected to the internet is exposed to internet-facing vulnerabilities. This means any system that has an IP address or hostname resolving publicly in DNS.
When remote workers use a VPN, Remote Desktop Protocol (RDP), or another access tool, they’re putting your system at risk. This is especially true if you’re expanding your internet presence and using interconnected systems that connect to the internet.
In 2021, this will become one of the key focus areas for cybercriminals. Organizations should prioritize securing their internet-facing infrastructure as hackers will be busy exploiting these loopholes. Examples include accessing unpatched servers using stolen credentials or identifying potential victims with exposed RDP connections or FTP servers.
An ineffective and outdated cybersecurity system isn’t going to help here. Endpoint security solutions and perimeter defenses aren’t enough.
Solution: Develop a vulnerability management program
Scan and patch the systems that might fall victim to exploitation. Protect your company from unknown internet-facing vulnerabilities using the best practices from the Cybersecurity & Infrastructure Security Agency (CISA):
Carry out regularly scheduled vulnerability scanning and establish a patching policy;
Implement stricter password controls;
Use two-factor authentication;
Enable Network Level Authentication (NLA) and disable Server Message Block v1 (SMBv1).
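The last item in the list above can be checked per host. The following is an added example, not part of the original article: a PowerShell audit that reports whether the SMBv1 server is enabled and whether RDP requires NLA, and optionally fixes both. The function name `Test-RemoteAccessHardening` and its `-Remediate` switch are illustrative names; it assumes an elevated session on Windows 8 / Server 2012 or later.

```powershell
# Added example (not from the article): audit SMBv1 and NLA on the local host.
# Function and parameter names are illustrative. Run from an elevated session.
function Test-RemoteAccessHardening {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Apply the fixes instead of only reporting the current state.
        [switch]$Remediate
    )

    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

    # SMBv1 on the server side should be disabled.
    $smb1Enabled = [bool](Get-SmbServerConfiguration).EnableSMB1Protocol

    # fDenyTSConnections = 0 means the host accepts RDP connections.
    $rdpEnabled = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections -eq 0

    # UserAuthentication = 1 means the RDP listener requires NLA.
    $nlaRequired = (Get-ItemProperty -Path $rdpKey -Name UserAuthentication).UserAuthentication -eq 1

    if ($Remediate) {
        if ($smb1Enabled -and $PSCmdlet.ShouldProcess('SMB server', 'Disable SMBv1')) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
            $smb1Enabled = $false
        }
        if (-not $nlaRequired -and $PSCmdlet.ShouldProcess('RDP-Tcp listener', 'Require NLA')) {
            Set-ItemProperty -Path $rdpKey -Name UserAuthentication -Value 1
            $nlaRequired = $true
        }
    }

    # One object per host, easy to export or aggregate across a fleet.
    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        Smb1Enabled = $smb1Enabled
        RdpEnabled  = $rdpEnabled
        NlaRequired = $nlaRequired
        Compliant   = (-not $smb1Enabled) -and $nlaRequired
    }
}

# Report only; add -Remediate (optionally with -WhatIf) to change settings.
Test-RemoteAccessHardening
```

If NLA is managed through Group Policy, the policy value takes precedence over the registry setting changed here, so fix it in the policy instead.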
2. Social engineering attacks
When turning to social engineering, hackers rely on human interaction. This is a non-technical strategy hackers use to manipulate people into breaking security practices. It can be just as dangerous as sophisticated DDoS attacks.
According to Microsoft, social engineering attacks increased to 20,000 to 30,000 a day in the US. As cybercriminals become more successful, they’re bound to improve their tactics and gain access to more confidential information.
Here are a few examples of social engineering attacks we may expect to surface in 2021:
fraudulent communications disguised as legitimate messages,
targeted attacks that use personal information for gaining trust,
pretexting where hackers pretend to need sensitive information from a victim to carry out an urgent task.
Solution: Employee education
All it takes to identify when and where malware entered your network is network detection and response combined with SIEM technologies.
But you can’t use this solution to prevent social engineering attacks. Instead, do your best to educate your employees on cybersecurity best practices and reduce the threat surface. Train them on how to spot phishing attempts and other types of social engineering attacks. Building awareness of such threats is incredibly valuable for strengthening your security posture.
3. System administration tools
Cybercriminals have always targeted system administration and management tools to breach enterprise networks. A study from Positive Technologies showed that over 50% of threat groups take advantage of publicly available penetration testing and system administration tools to create their attack strategies.
In 2021, IT systems are bound to become more interconnected. Exploiting tools like Cobalt Strike, BloodHound, or PowerShell Empire will be one key area of interest to cybercriminals. They will use these tools to run their software directly in the target computer’s memory and reduce their chances of detection.
Solution: Prevent devices from getting infected
Managing an IT infrastructure without any admin tools is impossible. But you can proactively prevent devices from becoming infected. There are many approaches that may come in handy here: from employee training and solutions based on artificial intelligence and machine learning to updated antivirus software and well-managed permissions.
4. Human-operated ransomware
These attacks are carried out by highly skilled criminals looking for financial gain. These people spend weeks, months, or even years identifying and overcoming organizational defenses to increase the impact of their attack.
Ransomware attacks are only going to grow and cause more damage this year. Today, one in three attacks is based on ransomware, and 24% of cyberattacks happen through ransomware.
How does ransomware enter a device or system? Here are three common pathways:
Cybercriminals convince users to click by using authentic email addresses, faking logos, or even mimicking a brand’s tone of voice. These hackers send seemingly genuine messages to persuade unsuspecting victims to open their messages and click on links.
Solution: Identify suspicious links
To protect your organization against human-operated ransomware attacks, you need to find a solid method for detecting suspicious links. Make sure to continuously scan for vulnerabilities, keep your software updated, and build a strong cybersecurity posture for your company by delivering cybersecurity training to employees.
5. No instrumentation or monitoring
Alert fatigue and staff overload, shortage of skilled security engineers, poor automation - these reasons account for why so many companies fall victim to cyber threats.
The cybersecurity skills gap is a real problem. A study from the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG) revealed that 70% of cybersecurity professionals believe their organization has been impacted by the global cybersecurity skills shortage. A further 45% of respondents think that the situation has become worse over the last few years.
Solution: Invest in education
Close the gap and make sure that your organization invests enough in employee education, building awareness of security threats, and delivering training and scholarship opportunities. This is how you can prepare the new generations to face the cyberthreats of the future.
Team up with an experienced cybersecurity partner
Keep an eye on emerging technologies and threats and make sure that your employees have the knowledge and tools to prevent cyberthreats from affecting your systems. At Maxima Consulting, we have been helping enterprises across various industries to build a stronger security posture.
Get in touch with us to get professional help in embracing these new cybersecurity practices and building a proactive cybersecurity approach.