The threat of cyber attack is increasing every day but unfortunately, many business leaders are waiting until they have a data breach to build up their cyber defenses to an appropriate level. They don’t think they’re going to be a target. The truth is that not only are their businesses targets, but the C-Suite has crosshairs on their backs because more often than not they’re easy prey for cyber predators. Here’s a true story of how this happens.
CEO’s Email Hacked and Monitored for Weeks
The email account of a CEO was hacked. (Withholding names for privacy.) Unbeknownst to the CEO, his every email move was being monitored and studied. The hacker learned who the CEO communicated with; the kinds of things he asked for; how he worded his messages; and who wrote the checks at his company.
After this surveillance had gone on for about a month, the hacker started to send emails from the CEO’s account to the CFO with requests to transfer money. The CFO complied to the tune of $200,000 and because the hacker was so good at covering his tracks, no one was the wiser until it was too late.
This scenario could have been avoided if the company had a more advanced approach to cybersecurity that included user training, and more sophisticated tools for locking down accounts.
IT Security Isn’t Enough
What happened in this story was the result of too much confidence in too few layers of security. The CEO thought they were covered with the IT security measures they had been using for years. They had firewalls, anti-spam, anti-malware and antivirus. They were updating their operating systems and primary software. It wasn’t enough.
How do you know if your IT team is keeping up with security and making sure that your defenses match up with your risk exposure? Use these five questions about Advanced Security to uncover gaps.
Five Questions to Ask to Find Out If You’re Getting Advanced Security
1. Do we provide Cybersecurity Awareness Training for our employees?
Ongoing cybersecurity training for everyone in your company shouldn’t be optional. It should be required. Think of it this way – what good are all of your technical layers of security if someone at your company opens up the door to the bad guys?
By not recognizing a possible attack and not knowing the behaviors that will keep data and systems safe - like proper password management – you’re making people your weakest security layer. Training turns your people into a cybersecurity strength and executives need this training just as much as everyone else.
Cybersecurity awareness training is a required component of any Advanced Security program.
2. Are we using intrusion detection tools?
The ability to know when there’s an intruder in your IT systems is more important than ever. According to Verizon’s 2019 Data Breach Report, 56% of breaches aren’t discovered until many months after they happened.
Hacker tactics and tools are evolving and the same advances in technology that are available to businesses are available to cyber criminals. The bad guys are using Artificial Intelligence (AI) for stealth, and the only way to fight AI is with AI. The normal arsenal of IT security tools isn’t going to include AI because they’re expensive and require additional skill to manage.
Intrusion detection is essential for Advanced Security.
3. Are we utilizing advanced security options in Office 365?
It’s very possible that your IT team doesn’t know about all of the security options that are available in Office 365. This may be because of insufficient product training, or it could be that they just don’t have time to manage one more thing.
Some of the security features in Office 365 require additional licensing but some do not. The decision to utilize any of the options within the program should be based on your business need and risk level. Here are some of the features that your IT team should be considering:
- Multi-Factor Authentication
- Advanced Threat Protection
- Mobile Device Management
- Encrypted Email + Data Loss Prevention
- Azure Identity Protection
- Privileged Identity Management
If you’re getting Advanced Security, your IT team should know how to utilize Office 365 security features.
4. Is all of our software getting updated and patched?
Your IT team should be updating and applying patches to your operating systems and primary software. They may not be maintaining your other software with the same rigor which can create security holes.
All software has potential vulnerabilities that can be exploited by hackers. As software developers discover these vulnerabilities they release “patches” to close these holes. That means that any software that’s not getting patched presents a possible way for hackers to get into your IT systems.
Any software could potentially be exploited but hackers like to go after popular software to have a bigger target. You may not realize who is using specialty software until you do an audit.
If ALL of your software isn’t getting patched, then you don’t have Advanced Security.
5. Are we paying attention to physical security?
When we think of technology, we often think of its intangible characteristics but the way we interact with technology requires some sort of equipment. When you need to upgrade your equipment – be it servers, laptops or smartphones – the way you dispose of the old equipment can compromise your security if you’re not doing it correctly.
Stacking up old computers in a closet is extremely insecure. All of your hard drives should be destroyed and certified as such by a 3rd party company. This is usually required for regulatory compliance in many industries.
The security of your office or facility should also be part of your cyber security plan. You can’t control access to data if you’re not controlling access to the place where the work is taking place.
Advanced Security should include recommendations for physical security.
How Does Your IT Team Measure Up?
It’s hard to know where to look for cybersecurity gaps. Hopefully, this list just made it easier to uncover holes in your defenses. Use these five points as discussion starters with your IT team to find out if you need a more advanced level of security.
If you’re looking for an objective viewpoint on your cyber security status, contact us to schedule a security assessment.