How To Improve Cyber Security Visibility & Control

With an increasing number of high-profile security breaches splashed across the media, companies are now looking to improve their cyber security.

As the world has become more digitally connected and working from home continues to be part of the way we work, there has become more opportunity for attack.  
 
What Are The Threats? 
 
Ransomware has become increasingly sophisticated, and the number of phishing emails has risen exponentially. This has left many businesses vulnerable. The Government’s Cyber Security Breaches Survey found that four in ten businesses (39%) and a quarter of charities (26%) reported having cyber security breaches or attacks in the year March 2020-21, and phishing remains the most common threat vector. 
 
The cost of these attacks is serious too. Around 21% of businesses end up losing money, data or other assets. A third of companies’ report being negatively impacted; for example, they require new post-breach measures, have staff time diverted or suffer broader business disruption.  

How Have Hybrid Working Models Increased Cyber Risks?    

Working from home and other out of office venues is leaving corporate networks vulnerable as the protection you would normally have behind the perimeter in the office is not in place on home and external networks. To further complicate the situation, users work from several locations with multiple devices and apps. 
 
Company devices that had never moved beyond the organisation’s walls and were kept safely behind firewalls, IDS, DMZs and set up with security solutions that kept cybercriminals from attacking them, are now outside those protected networks. These remote devices are vulnerable to cyber-attacks if existing on-site security solutions are no longer fully effective. 
So, what are the key things that businesses should focus on to improve visibility and control? Here are my five top tips: 
 
1.     Make your employees your first line of defence:   Keeping security front of mind while employees are out of the office is an essential step in protecting your organisation. Strong cybersecurity awareness training is critical to prepare an employee to be the first line of defence.  
 
With the lines of home and workspace blurred in a hybrid working world, phishing attacks, unfortunately, are here to stay. Therefore, reducing user risk by helping to identify email scams and malware should become part of bolstering an employee’s security awareness. Organisations can ‘test’ levels of awareness by conducting a custom phishing campaign to see how easily employees can spot a phishing email and how they respond. This can then be measured over time. 
 
Educating about password security and safe Internet habits should also be a vital part of staff training. 
 
2.     Protect the endpoint:   Where endpoints are concerned, it’s wise to take a proactive approach to limit what activities can be carried out on the device. Privileged access security is critical to protect access to data, applications and systems. This allows the organisation to keep control of its most valuable data. Each online identity can be set with special access, or specific capabilities and access can be reduced where necessary.  
 
With the high number of endpoints connected to the network, these become easy targets for cybercriminals. Endpoint Detection and Response (EDR) solutions can be deployed that involve continuous real-time monitoring of malicious activity. The solution can disconnect endpoints and shadow IT to respond to threats by utilising rules-based automated response and analysis capabilities. 
 
3.     Using best of breed detection and response services:   Managed Detection and Response (MDR) is a combination of both technology and human expertise to provide security monitoring across an organisation’s entire IT environment. These services can rapidly respond to and eliminate threats. Taking it a step further, Extended Detection and Response (XDR) provides threat detection and incident response by collecting data across multiple security layers. For example, across email, endpoints, cloud workloads, servers and networks to provide a holistic view that allows for faster detection of threats and response times.   
 
4.     Secure your organisation in the cloud:   Business needs are driving more organisations to the cloud than ever before. Cloud technology improves productivity, efficiency and cost savings and offers greater flexibility. But there are particular security implications to watch out for. The public cloud can limit your access control and authentication, so it’s wise to implement Multi-Factor Authentication (MFA), manage user access and integrate compliance into daily procedures.  
 
Next-Generation Antivirus (NGAV) takes traditional antivirus software to a new, advanced level of endpoint security protection. It’s a cloud-based response to detect and prevent malware, identify malicious activity by unknown sources, collect comprehensive data from all endpoint devices to understand better what is going on in the IT environment. It uses predictive analytics driven by machine learning and artificial intelligence and combines with threat intelligence which goes beyond known file-based malware signatures.  
 
5.     Prevention is best:   Today’s attackers know precisely where to find gaps and weaknesses in an organisation’s security posture. Companies, therefore, need to take actions into their own hands to become better protected. And thankfully, there are many ways in which this can be achieved. 

Reducing your organisation’s risk of a cyber attack is the best stance - both from a cost and reputation perspective. Re-evaluate your cyber security strategy, have the right tools and services in place and integrate with effective employee education and testing.  

Leyton Jefferies is  Head of Security Services at CSI Ltd    

You Might Also Read: 

Protect Your Organisation - Know Your Enemy:

 

« Trends In Application Connectivity & Network Management
Convergence & Digitalisation Create Problems For Energy Utilities »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Link11 GmbH

Link11 GmbH

Link11 provides DDoS protection solutions to protect websites and complete server infrastructures from DDoS attacks.

Cyber Exec

Cyber Exec

Cyber Exec is an executive search firm dedicated to global talent acquisition in Cyber Security, Information Technology, Defense...

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

IAmI Authentications

IAmI Authentications

IAmI is a first in Tokenization Cloud-based IAM Security Services, delivering the most advanced form of Two-Factor Authentication.

Omnipotech

Omnipotech

Omnipotech is a complete managed service provider. From desktop to datacenter, all the technology support you need, under one umbrella.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

Diversified Technical Services Inc. (DTSI)

Diversified Technical Services Inc. (DTSI)

DTSI provides a wide range of technology solutions for Federal Agencies, the Department of Defense, and commerical organizations with capabilities including Cyber Security and DevSecOps.

Secur-Serv

Secur-Serv

Secur-Serv is a security-first managed services provider. We provides Managed IT, Managed Print, Managed Device, and Cybersecurity services to companies of every size.