News about IT security breaches focuses on the biggest and most relevant to consumers, so it’s easy to forget businesses of all sizes are targets. The Ponemon Institute reported 61 percent of small- and medium-sized businesses surveyed for 2017 had a cyberattack in the last 12 months. In 2016, that number was 55 percent. Streams of attack attempts, port explorations and malware-bearing messages hit company firewalls everywhere, and the number of incidents which involve an inattentive employee are increasing.
A Cyber Battle with AI on Both Sides
With the power of artificial intelligence (AI) driving new and creative cyberattacks, as the Wall Street Journal reported, there is no specific door to nail shut. Though AI is helping to detect and block attacks, comprehensive IT security, implemented by well-informed professionals, is necessary.
Components of a Comprehensive Strategy
The CSIAC, a Department of Defense-sponsored computer security resource, recommends a three-pronged approach to comprehensive IT security:
- Connect operations and security personnel and ensure they are working together.
- Create processes for handling security intelligence and situational awareness.
- Individualize your security process for your company’s specific operations and requirements.
Your company is not alone if it has not addressed the prevention of cyber damage and has not formalized a response to an active threat. Addressing these three prongs can begin by bringing operations and security together for quarterly meetings, taking the first step to communicate risks and threats in a reliable way and creating a framework on which to build a security process.
IT Security Policies and Employee Training
The most important threat protection is employee training and education. Ransomware, viruses and malware are often transported by routine activities such as opening email and clicking on links, “drive-by” loading of malicious software from infected websites and carrying infected USB drives to use in the building. Information security policies guide the company’s response to detected risks and active attacks, providing steps to take much like a disaster response handbook. Experienced IT professionals can provide guidance in creating the policies based on the company’s size, line of business and other factors which determine the degree of risk.
Specific Protections for Web, Data and Email Vectors
Most of the active data exchange between low-risk internal networks and the open internet takes place via company websites, data transfers such as database server access and threat vectors transported by email and activated by unsuspecting users. These risks are addressed by properly configuring software and servers, educating users and installing software to identify and respond to active threats detected on the local network.
Storming Your Own Castle – Penetration Testing and Vulnerability Management
Penetration testing provides answers on network protections and defenses. Experienced testing teams use specialized tools to check for known areas of weakness. With “pen testing,” IT experts can identify missing software patches, unauthorized equipment on the open internet, outdated firmware and other vulnerabilities and address them before they are successfully exploited.
Recovering from an Incident
Even the most well-prepared companies are falling prey to malicious software and intrusion, resulting in damage to their reputation, as well as data assets and operations. Recovery can require actions similar to disaster recovery from fire or weather-related destruction such as using off-site backups.
Strategies for protection against a cyberattack are evolving as methods evolve. Advanced techniques recognize patterns and changes in software and user behavior, engage attackers in resource-draining activities and lead threat vectors to attack fake targets.
Our cybersecurity experts work to protect companies and their data with active and passive defenses, while still enabling employees to conduct business as usual.
Contact our team of experts today to learn more about protecting your data and your business.