Is there end-to-end cybersecurity in organizations?

In 2022, cyberspace entered a new round of transformation. Cybercriminals have become more sophisticated and their targets and attack methods have changed. Many governments are reviewing their cybersecurity strategies and increasing funding. When Russia found itself at the epicenter of events, the actions of both sides were met with a reaction from companies and the State. The demand for development and modification of information security systems has increased dramatically. It has become clear that real protection against cyber threats is a priority for all industries and levels of business. Who is most at risk, is it possible to create an "impenetrable" defense, and what threats are often overlooked? Find the answers to these questions in this article.

COMPANY SECURITY: A LOOK INSIDE

A great danger for companies is not only hackers attacking from the outside, but also internal threats. They are the same for all companies, regardless of their size and field of activity. These include basic errors made by employees when working with mail, negligence, internal actions, and cooperation with external suppliers and contractors. Statistics show that insider threats account for the majority of cyber incidents.

WHO IS THE BIGGEST DANGER?

According to new surveys, 53% in 2019 / 67% in 2022 / ?% in 2023 is the number of internal threats caused by malicious or careless actions of employees, which grows year after year: Internal threats come from primarily from employees, and the motives for their malicious actions vary. These can be employees who hold a grudge against company managers, dishonest employees who are looking for easy money and sell information about the company to competitors. And it happens that competitors or hacker groups introduce their spies into the company, and sometimes they can even be managers of different levels who have the appropriate level of access to the system. Thus, there are three main motives for internal attackers: financial gain, the desire to damage the company's reputation or the search for professional opportunities. However, it's often much simpler: if employees don't have basic skills to work securely with email, they can open an email from an unknown address and launch malware. Where do threats arise from? According to the latest studies, the following percentage of fraudulent schemes are implemented through: Messengers 34% / Removable media 25% / Cloud storage, personal email 8%.

MAIN SIGNS THAT A COMPANY IS AT RISK

Employees don't know what they are supposed to do to keep devices secure. For the sake of simplicity, employees violate the security policy. Sensitive data is sent to an unsecured cloud. Emails containing sensitive data are sent to a third party. Remote network and data access is possible outside of business hours. Multiple attempts to access blocked websites. Attempts to access USB ports and devices. Frequent requests for access to data unrelated to the employee's job responsibilities. Login from different IP addresses in no time.

6 STEPS TO PROTECT INFORMATION

• Step 1: Understand what information is confidential and important to the company, where it is stored, who and what level of access has access to this information and, most importantly, whether current protection measures are appropriate for the level of access. acceptable risk.

• Step 2: Introduce a trade secret regime in the company. To do this, it is necessary to develop a regulation on business secrets and specify a list of confidential information, the procedure for its accounting, storage and use. All employees are required to sign a confidentiality agreement.

• Step 3: Start monitoring data access, movements and user activity. It is necessary to limit the possibility of uncontrolled transfer of information to removable media.

• Step 4: Conduct employee training. In particular, it should include regular training on working with confidential information.

• Step 5: Use data encryption.

• Step 6: Protect endpoints from data loss, improve cybersecurity program. To do this, we must adopt a Zero Trust approach to data protection.

PROTECTION AGAINST INTERNAL THREATS

•    Data loss prevention tool (DLP solution).

•    Cloud Access Security Broker (CASB).

•    Control and management of access to unstructured data (DCAP systems).

•    Sensitive data labeling technologies.

•    Account and access management (IdM/IGA).

•    Access monitoring technologies for enterprise applications and databases (DAM systems).

•    Control of privileged users (SafeInspect PAM).

•    Multi-factor authentication (MFA) technologies.

•    Single sign-on (SSO).

•    Enterprise Mobility Management (EMM).

•    Technologies to encrypt data on user endpoints, etc.

•    Cyber literacy training for employees to identify signs of social engineering, phishing emails and reduce the likelihood of data breaches.

Close