Mastering the Fundamentals: Safeguarding Organisations in the Face of Evolving Security Threats

By Bryan Willett, Chief Information Security Officer at Lexmark

In the era of advanced phishing and entry-level hackers, safeguarding sensitive data is paramount for businesses.


In today's digital age, cybersecurity plays a crucial role in running a business on any scale. However, despite the constant threat of attacks, businesses often fall short when considering their security systems and necessary protocols until it’s too late. It is often the case that businesses introduce sufficient measures only after a security breach occurs. With the proliferation of sophisticated phishing attacks, and increasing accessibility for lower-skilled hackers, it is essential for businesses to implement robust security measures around their valuable data and sensitive information. While some business decision makers may not know where to start, this blog discusses how an understanding of the cybersecurity basics can prove invaluable.

Security Fundamentals: The Foundation of Protection 

According to the Verizon DBIR, the three primary ways an attacker gains access to an organisation are stolen credentials, phishing and exploiting vulnerabilities. So, when it comes to cybersecurity, it really comes down to mastering the fundamentals. There isn’t one silver bullet that can protect your organisation from every kind of cyberattack. Instead, many smaller measures together contribute to a comprehensive security barrier around all areas of the business. There are five key areas to effectively safeguarding a business from cybercrime:

1. Configuration standards:

Enforcing strict configuration standards throughout the entire operation will guarantee the organisation a baseline level of security. This means all systems, devices and applications within the company infrastructure are maintained in line with security guidelines and best practices – the Center for Internet Security (CIS) benchmarks, for example, have recommended configurations for all major systems and operating systems. Uniformity ensures no leaks can sink your ship. Regular compliance checks are a sure way to consistently maintain this baseline of security.

2. Patch Management:

Outdated applications or software can lead to security vulnerabilities, so it’s always best practice to patch all systems regularly. These installs can be pushed out from a centralised point and completed in the background to prevent any disruption to work. For organisations with a remote workforce, patch management and configuration can be a challenge because traditional management systems require devices to be connected to the corporate network. However, organisations can adopt cloud-based asset management solutions to address the modern remote workforce.

3. Securing Identities:

Multi-factor authentication (MFA), in which users provide two or more pieces of evidence, including passwords, PINs, and security questions, to authenticate within the organisation’s digital system, is crucial in today’s environment to ensure people are who they say they are. However, modern attackers are nonetheless replicating company login screens, which can cause staff to inadvertently offer up their account details. Considering the threat of these advanced phishing tactics, companies should be employing more advanced MFA methods. For example, FIDO keys are physical devices which can be used to verify a user’s identity. By opting for a physical device rather than purely digital verification, you gain an extra layer of security which is harder for attackers to imitate.

4. Security Monitoring:

Security monitoring should operate 24/7 through a dedicated security operations team. This team relies on monitoring tools and automated detection to find potential threats before they can break through. Although these tools can do the heavy lifting, the team still requires trained professionals who can act, adjust or redirect. Not every alarm is a threat, and not every threat will set off an alarm.

5. User Awareness Training:

Workers are the soft targets for any cyberattack. One wrong click on a malicious link or attachment can spiral into an entire corporate system getting taken down. This is why employees are a necessary part of defence. Security awareness training needs to be regular and personalised. Threats experienced by the finance team will be different to the threats in the sales team, all of which can have devastating impacts on the business. However, by personalising and contextualising the risks for each area of the business, employees are able to develop stronger awareness. It also helps to familiarise the users with the security team, so they know who to contact if there is a concern.

6. Responding to incidents:

When incidents do occur despite proactive approaches to cybersecurity, the organisation must employ a protocol to protect the system from further infiltration. This should involve immediate account access revocation, a password and MFA reset, and a reimaging of the user’s workstation to eliminate any potential ongoing threats. There is only so much that prevention and strategy can do when it comes to security, and ensuring a watertight protocol to follow post-breach is just as important as all the measures discussed previously.

As threats evolve, organisations must remain vigilant and constantly adapt their security measures. Phishing-as-a-service platforms – provided by the likes of EvilProxy and Caffeine – have become extremely sophisticated, calling for consistent, serious consideration of security by any organisation. While no system is foolproof, a proactive approach involving all five elements will be essential to organisations ensuring business continuity and success.