You better watch out: ABCs of keeping your organization secure this holiday season

In the earlier post we discussed the individual efforts to keep ourselves cyber secure during the holidays. Now, let’s move to organizational level: To all the IT / Security professionals who want to keep their organization secure during the holidays… We compiled a list of do’s and don’t’s for you. Here are our suggestions:

• Be proactive about identifying threats that lurk in the background:
Practice threat hunting by combing your data logs for any security incidents, hidden anomalies and attack attempts. Hackers can penetrate your system undetected and remain in your network for weeks while obtaining data, login credentials and other confidential information in total secret. Look for new threat signals such as login attempts and user activity outside of your usual schedule, new illicit account permissions, swell in database read volume, odd network traffic or user logins from unusual locations. They’re a dead giveaway that something suspicious is going on.

• Keep hard drive backups offline or offsite:
Ransomware works by denying you access to your own computer files with encryption. Hackers will demand a ransom payment in exchange for the decryption key, which may unlock your files. Many organizations paid the ransom only to fuel more attacks which crippled their operation and caused significant long-term damage. The safest way to store your data is on the cloud or in a vault, while making frequent software updates. This way, if your computer gets infected, you have a reliable backup of your most important files.

• Do not click on every great discount offer:
People often buy gifts during work hours, and you can expect many of your employees to do the same this holiday season. But this practice can expose your organization to risk if employees are deceived into opening an email that advertises a discount offer that sounds too good to be true. Cybercriminals know that people are looking for great deals, which is why ransomware and credential phishing attacks usually go up during the holidays. These are sophisticated attacks that mimic the aesthetic of real emails from established retailers. Take the time to warn your employees about these traps that target holiday shoppers. Ask them to count to three before opening emails asking them to download amazing offers or click suspicious links.

• Have a robust vulnerability plan:
First, don’t forget to make regular software updates, which is beneficial for a number of reasons. Updates repair security holes, debug your computer and help patch security vulnerabilities that attackers love to exploit in order to infect your device. Second, regularly scan your application for weak spots, which may reveal thousands of doors opened. If you merged with another company or made a recent acquisition, your risk just doubled. Third, as attacks have become more diverse in recent years, your enterprise needs an extra layer of protection to minimize false positives. By investigating threat correlation, you can link events from several data sources to uncover new threat insights and by following a risk-based approach, you can identify, assess and prioritize looming dangers before they happen.

• Implement Identity and Access Management (IAM):
This lets you grant and manage privileges to select users and devices for accessing cloud or on-prem applications. Users can include clients, partners and staff while devices can comprise anything from routers, servers and sensors to smartphones, controllers and computers. IAM makes sure that no one violates these privileges by monitoring logins and permissions on a regular basis, while empowering you to oversee your entire community of users. This way, your security team gains control over every login and activity as well as laser-sharp insights about user identity, time and location.

As a result, administrators and security teams can report on suspicious activities and apply corporate policies to ensure compliance. With more employees working remotely, which increases security risk, IAM is a great mitigation tactic for protecting your company’s crown jewels.

• Boost your network reliability:
The first thing you can do to avoid network breaches is to break you network into smaller parts. Doing this erects barriers between these components and restricts the level of damage that hackers can cause.

You can also install and monitor firewall performance, update passwords every few months and build in Advanced Endpoint Detection that uses machine-learning or behavioral analysis. Other easy things that you can do include creating a virtual private network, deleting spam emails and filtering malicious websites to prevent your employees from accessing them.

• Burst the hacker’s bubble:
If you want to demoralize cyber criminals, your best bet is to get a two-factor authentication on your app or device. It comprises two separate, distinct forms of identification such as a password and verification code sent to your phone number or email. They act as an extra security layer and ensure that you’re the only person who can access your account, even if someone else has your login credentials.

• Be on your guard throughout the year:
Hackers don’t strike only during the holidays – they target victims year-round. By incorporating these essential elements into your daily defense strategy, you’ll be able to catch threats, act immediately and bounce quicker when criminals try to disable your systems and steal information.

GBM wishes everyone a happy and secure holiday season!

Please contact us at [email protected] for any security-related queries.

REFERENCES:
• https://newsroom.cisco.com/feature-content?type=webcontent&articleId=2112589
• IBM Security Intelligence, December 2021