Cyber Security Awareness Month calls for a prevention, detection and recovery plan.
If you thought last year was a challenging year for cyber security, 2022 is proving to be even more difficult. Weekly cyberattacks jumped 42% across the globe this year, according to CheckPoint Research. The list of threats is long: supply chain attacks, ransomware threats, attacks on Costa Rican and Peruvian governments, and the fallout of perhaps one of the most serious zero-day vulnerabilities in history, Log4j, followed by the impact of the Russia-Ukraine war.
Too many business leaders assume that if they have a next-generation firewall, a good endpoint solution and an email scanning solution, they’re safe, says Chris Ripkey, head of ConvergeOne’s Cyber Security Practice. But that’s not the case. “Cyber security always changes. It's always evolving and it gets more complex each year,” he says.
Organizations often miss key vulnerabilities, whether it’s their data protection layers, their employees who can be manipulated to provide access to a network or a weak data recovery plan. October is Cyber Security Awareness Month, and it’s the perfect reminder that organizations can’t sit back on their heels amid a dynamic and aggressive cyber security landscape.
Preventing cyberattacks starts with privacy and people, says Ripkey. “The weakest link in any chain,” he says, “is the people-side of cyber security.”
One of the biggest trends in cyberattacks today relies on social engineering, or manipulating employees into inadvertently providing access to the network via mistakes or behavior. Phishing emails had been the go-to method for years, but more recently hackers have found success with a new trick: spamming people with multi-factor authentication.
This spring, malicious hackers began targeting Office 365 users by bombarding them with incessant push notifications on their phones asking if they authorize a login to their account. “They spam them until finally they just hit approve because they don’t want to deal with the spam requests,” says Ripkey.
Training employees regularly is a key part of prevention, in addition to a host of firewalls and security applications. Ripkey compares those layers of protection to a castle, which might have a portcullis, a drawbridge, moat, stone wall to protect what’s inside.
More companies are starting to use third-party companies that combine both artificial intelligence and human cyber security experts who watch their network and alert them of a potential threat. This is on the rise in light of skills shortage in cyber security. “We’re seeing more customers take advantage of managed detection and response,” says Ripkey.
Most organizations, however, tend to fail in the infrastructure side of security, which includes incident response training and planning for recovery if they’re attacked. They may have disaster recovery plans to continue operations in case of say, a natural disaster, but they may not necessarily have a plan for cases of ransomware or breaches.
This is an area of weakness for a lot of customers. At least 60% to 70% don’t have a plan for cyberattacks.
– Chris Ripkey, Senior Director, Cyber Security, ConvergeOne
At ConvergeOne, we analyze before we provide a solution that meets the customer's needs. We understand that our customers Cyber Security Programs are all at different stages of maturity, our goal is always to assist our customers in reducing risk within their organizations.
An incident response plan outlines exactly what you and your team will do in case of an attack, and outlines how to recover data and continue operations. Such a plan can bring order and expertise to an organization, rather than chaos.
ConvergeOne offers free assessments to organizations that focus on how well an organization can prevent and respond to a cyberattack. ConvergeOne will analyze a company’s ecosystem through the lens of its Prevent, Detect & Recover Architecture to spot any vulnerabilities to next generation threats. The architecture looks at whether there are prevention measures in place to prevent threats, to maintain confidentiality and integrity of data and to protect infrastructure, whether it resides in a software as a service solution or in one on a public cloud provider. It also examines detection mechanisms, such as whether or not employees are serving as natural firewalls to invaders, whether data access is being monitored, and whether infrastructure is set up to detect malicious activity. And finally, the architecture looks at recovery policies, whether or not people know how to respond quickly and effectively in case of a breach and whether or not systems are in place to recover data and restore IT operations.
Does your organization have the proper applications to ensure privacy of your customers? And does it have the right tools and education to ensure your people are protecting that data? Does it have a plan ready in case of attack?
No one organization is foolproof, but a holistic approach to security that combines multiple layers of protection can help make a company a little more difficult to break - so hackers give up and move on. ConvergeOne’s Prevent, Detect & Recover Architecture makes that scenario far more likely to happen.