Some things in life are “set-it-and-forget-it.” Things like a Crock-Pot slow-cooker, or your DVR. IT security, however, does not fall into that category.
Instead, especially for businesses – typical targets of cybercrime and data breaches – it’s imperative that employees stay as informed and as equipped as possible about constantly changing threats. And that means they must engage in ongoing security awareness training. Why? Because hackers and cyber-criminals are opportunistic, skilled, relentless, and nimble as cats, readjusting and accelerating their methods and techniques as soon as the good guys figure out ways to stop them.
Companies, therefore, should employ what’s known as “Defense in Depth” in order to best protect data and systems against any particular attack; this is done by using several independent methods (which we’ll address later in this blog). But first, here’s a look at why businesses have to be so diligent. The facts are sobering.
- The AV-TEST Institute, a leading international, independent service provider in the fields of IT security and anti-virus research, registers more than 390,000 new malicious programs every day.
- The malware trend is escalating dramatically: as recently as 2012, the total number of malware programs was about 220 million; by 2016 that number had skyrocketed to about 995 million and is still growing.
- The United States is the most targeted country in the world, experiencing 23% of the globe’s attacks. The next closest country is China, with 9%.
- There is a long list of cyber-thugs, hackers and malcontents itching to infiltrate systems and steal data: Nation States (hackers employed by an arm of a national government, such as Chinese PLA or the Russian group purported to have hacked JP Morgan Chase), company insiders bent on sabotage or revenge, organized crime members, competing companies, thrill-seekers and those seeking notoriety, and political activists.
- Their means and methods are numerous: they gain access using weak default passwords and settings; they exploit known vulnerabilities, which are easy to find using programs such as Metasploit or Cisco Global Exploiter; they employ password-cracking tools to break weaker passwords; they use techniques involving social engineering and email (read about phishing); they plant infections in web sites.
So businesses – even small to mid-sized businesses – must employ constant, and constantly evolving, “Defense in Depth” measures, ensuring their network is protected:
- On the perimeter, with firewalls, a Comprehensive Gateway Security Suite, and an intrusion prevention system (IPS).
- On the internal network, by ensuring employees know and follow security policies and procedures, by monitoring the network 24/7, and by assigning proper (“least-privilege”) access rights to employees.
- At the endpoints (workstations and servers), by employing up-to-date antivirus, anti-malware, and cloud security solutions.
- With staff, by keeping them educated on evolving threats and the best practices to thwart them; companies like The Network Support Company offer recurring seminars on the subject.
The importance of ongoing and consistent security awareness cannot be overstated. Companies that want to stay secure must continually monitor and update their security software; undertake regular testing and auditing of their security measures to ensure they’re still effective; train, and re-train, employees on evolving threats and security policies; and have a documented and tested disaster recovery plan. The fact of the matter is that, daily, every company on the planet is being targeted for a breach; whether your company’s data remains safe depends on how well, and how consistently, it is protected.