Has Someone Taken Out A Subscription Against You?

In the rush to remote working cybersecurity often fell by the wayside so that businesses could just keep the lights on. You would think companies would be rushing to plug those gaps. But are they? We’re still seeing three types of business: those that have been attacked, those that don’t know they have been attacked, and those that are going to be attacked.  
 
The risks are high with research showing the average cost of an IT security breach is $4.35 M. Also, 54% of breaches remain undiscovered for months. It’s not surprising really when you can now buy ransomware as a service as cheap as you can subscribe to Netflix.  
 
So, how can you be sure someone hasn’t paid a subscription to attack you?  The simple answer is you can’t.  
 
Which is why you need to take the belt and braces approach to cybersecurity. We all know people who lock the house but leave the windows open. That once you are burgled you install an alarm, use deadlocks everywhere, install floodlights and security cameras, or some just assume it won’t happen to them again – but often it does. A recent survey revealed that more than one in six (17%) of burglary victims had fallen prey to being burgled three times or more, and 65% of those in the same property.

So, if you don’t protect your fortress properly, you’ll very likely to be targeted again. It’s the same with business cybersecurity.  
 
Often businesses are attacked in a minor way, they do a bit of cybersecurity hygiene then continue as normal. But that was the attack before the real attack. What they haven’t taken into consideration is that most cyberattacks today don’t happen on the fly, they are well researched and planned. The average time attackers spend in the organisation is 240 days before they make their move. They build trust and rapport within the company before they attack.  
 
So why are we comparing a Netflix subscription with hackers?  
 
In effect, once a user identity has been compromised, the “hackers” don’t hack-in, they simply log-on just like you would with Netflix – often undetected until days, weeks or even months later. They quietly sit and collect data from your organisation and wait for the perfect time to hold you to ransom.  

Many companies have invested heavily in security products and services, but alarmingly research shows that many don’t have these services deployed and configured correctly, and in many cases the most vulnerable or “privileged” users are the ones least protected.  
 
Here are my top tips for ensuring your business is taking the right steps to prevent a ransom demand:     

  • Simplify your cybersecurity tool set. Simply by making sure your tools are joined up and work together – from Identity and Access Management, Multi Factor Authentication (MFA), application threat control, firewalls, network access control to endpoint protection - you will be better protected. This is not about buying more tools, in most cases it’s about reducing the number and complexity of cybersecurity tools you use and focusing on the vital few that will give you the most effective control by ensuring they are deployed correctly.  
  • Assume breach. Every business should be working from a standpoint of assuming they have already been breached or will be soon. You need to apply zero trust principals and ensure that every access made by every single person onto your network is explicitly verified.  
  • Use Multi-Factor Authentication. MFA combines two or more independent credentials: something the user knows, such as a password; what the user has, such as a security token; and what the user is, by using biometric verification or a known/trusted device. This single action – using MFA correctly - can eliminate more than 99% of phishing attacks of which there are 921 identity attacks every single second. Not using MFA is like locking your front door and leaving all the windows open!
  •  Write and Activate Data Loss Prevention Policies. These protect against accidental or deliberate data leakage by defining how an organisation can share and protect its data. They provide a guide as to how data can be used in decision making without it being exposed to anyone who should not have access to it.  
  • Streamline protection across email, chat, files web apps and endpoints – all these ways of communicating leave you open to attack if you aren’t using the latest cybersecurity technology. Make sure all your tools work across communication platforms and there are no gaps that can be exploited. 
  • Train your users. Regularly training your users on basic security hygiene will go a long way to keeping your business safe. The biggest single source of breaches come from your users clicking on a phishing email or text message. If you educate them about likely breaches and how attackers are thinking and likely to try and reel them in, then they can be your best form of defence. 
  •  Patch, patch, patch – and leverage automated patching were possible – across every switch, access point, router laptop and application. It sounds so simple, yet many organisations are still not patching in a timely fashion which is leaving them wide open to attack.  

 
If your business isn’t undertaking all these steps it’s not long before you’ll realise that a subscription has been taken out against you and the hackers have been logging on and off at will.

Make it a priority to address the gaps in your cybersecurity protection to lessen the chances of the next call you answer being one asking for a ransom.  

Rob Quickenden is  CTO of Cisilion

You Might Also Read: 

Making A Success Of Hybrid Working:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« What The West's Caution Over Chinese Tech Really Means
Chatham House Cyber Conference  | 14 June 2023 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Ammune.ai

Ammune.ai

Ammune.ai (formerly L7 Defense) helps organizations to protect their infrastructure, applications, customers, employees, and partners against the growing risk of API-borne attacks.

BCS Financial

BCS Financial

BCS Financial delivers financial and insurance solutions. Specialty risk products include Cyber and Privacy Liability insurance.

Cybellum

Cybellum

Cybellum brings the entire product security workflow into one dedicated platform, allowing device manufacturers to keep the connected products they build cyber-secure and cyber-compliant.

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

SoloKeys

SoloKeys

SoloKeys provides the first open-source FIDO2 security key: Protect your online accounts against unauthorized access by using the most secure login method.

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

Kyndryl

Kyndryl

Kyndryl has a comprehensive portfolio that leverages hybrid cloud solutions, business resiliency, and network services to help optimize your IT workloads and transformations.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

AWARE7

AWARE7

IT security for human and machine. With the help of our products and services, we work with you to increase the IT security level of your organization.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

Google Cloud

Google Cloud

Accelerate your digital transformation. Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.