It's October again, which has been cybersecurity month since 2003. A good time to stop and think about whether all aspects of security in your organization are in order. Often the focus is on technology, but people are forgotten. That is why one of the themes this year is #ThinkB4UClick. Because no matter how good your security is: people remain the weakest link. In this blog, we explain four points of attention that no strategy should be without.
Hackers nowadays have almost unprecedented (financial) opportunities to mislead people, and are sometimes supported by states. This enables them e.g. to completely recreate the websites of banks. They also use social media to pretend to be someone you know. One click on a link is enough for cybercriminals to penetrate and hold data hostage. By training employees, they become more aware of threats and risky behavior.
Because hackers are constantly inventing new methods, it is important to continuously bring cybercrime to the attention. This can be done by pointing out the dangers in newsletters. Since it is a challenge for many organizations to keep up with all the developments, security is often outsourced to a managed service provider. This provider does not only maintain and monitor your security products, but can offer an awareness platform as well. Besides training, users will also find current articles, videos and quizzes there. Gamification is an effective way to keep employees informed. If there are points to be earned, people will gladly enter the fray.
2. Set and forget
Sometimes organizations invest large sums of money in complex security solutions, and think that’s it. Often, they lose focus, because other matters demand more attention. However, the settings of 2018 do not offer sufficient protection from the threats of 2021. Staying up to date is a big challenge. Modern cybersecurity solutions use a weekly release schedule to respond quickly to new threats and offer new protection options all the time. Cisco employs three hundred cybersecurity experts who exclusively deal with detecting and defusing threats. A service provider ensures that these new options are applied to the customer's environment, so the protection always matches the organization.
Cybersecurity at home is a main theme of this cybersecurity month. As makes sense, because working at home was never as popular as it is now. At the office, security is often well taken care of. But what about outside? Devices are connected to the home network that are less secure than the company laptop. Often they contain possibly corrupted files. This requires extra measures. For instance, the continuous checking of devices that want access to the company network.
It is important to use security solutions that move with the user and his data. So not only at the office, but also at home, on the road and in the cloud.
The question is how far one should go to keep doors locked. A partner will be experienced in securing large and small organizations. This helps to determine your risk profile and the measures to be taken. If you purchase workplace security as a service, you can rest assured that the partner, together with you, will arrange for the best possible cybersecurity
Even if all the doors are securely closed, there is no 100 percent guarantee that you will never be hit. So what's the road to recovery? Sometimes, a virus is very similar to a weed. It keeps reappearing. When a virus strikes, it usually has several causes. In-depth research (root cause analysis) helps to identify these and to eradicate the weeds.
Proper execution requires a lot of knowledge. A good partner has this available. This helps to reduce the impact of a hack and to get back to work fast and safely.
Blog: Wouter Hindriks, Avit Group Security Lead