Cybersecurity is at the forefront as technology sees increasing adoption across multiple industry verticals. Organizations must prevent and fight cyber crime, but it can take over 200 days to detect a breach for many.
This time frame increases the possible consequences of the breach and gives cybercriminals an opportunity to move laterally to other systems and exfiltrate the information they need. Once stolen, they may sell it to other cybercriminals who can use it for more nefarious means.
With many organizations needing help with how to protect themselves, they need to realize when subtle hints of a breach occur, such as critical data becoming unavailable on systems from ransomware.
Here are seven steps to identifying and fighting cybercrime in your business.
1) Education and Awareness
Employees are key to protecting your organization from cybercrime. It's important to build a company culture around cyber defense and awareness that empowers employees to seek help when they notice suspicious activities. The earlier, the better.
Organizations should also educate employees on how to prevent suspicious activity by:
- Being vigilant online
- Flagging suspicious emails with attachments, hyperlinks, and unknown senders
- Identifying suspicious applications
- Avoiding clicking on ads or links from unknown sources
- Limiting activities that occur on insecure Wi-Fi networks
Educating employees helps them avoid breaches and catch them early before becoming devastating events. As a bonus, employees also learn measures to protect their data outside of the workplace.
Training needs to start at the top with leadership and managers. Leaders are accountable for the implementation and maintenance of cyber security measures. They're then tasked with training employees to assess and prevent cyber security risks and threats throughout the organization.
2) Implement and Enforce Mobile App Security
Mobile apps are a significant source of risk for security breaches, so mobile application security in this world is important to get safe from hackers. Even apps that seem innocuous can expose your organization to high volumes of user data, a lot of which is sensitive customer and business data. This information needs to be protected from authorized users.
Many mobile apps have security controls in place to help developers design applications with high security, but the ultimate responsibility falls on the user.
App risks may include:
- Leaking data that malicious applications could read
- Using inadequate authentication and authorization checks that malicious hackers can exploit
- Transmitting sensitive data without proper encryption
- Using vulnerable data encryption methods
- Vulnerable APIs that expose sensitive data
Fortunately, there are several steps you can take to enhance mobile app security
- Reduce sensitive information that's stored in an app
- Use certificate pinning to limit intermediary attacks on unsecured networks
- Only allow permissions necessary for an app to operate effectively
- Implement data security policies and guidelines for mobile apps
- Avoid saving passwords in apps
- Enforce consistent session logouts after the use
- Use multi-factor authentication to add a layer of security for users with weak or old passwords
- Continually assess the risks of mobile apps and monitor for security updates
3) Analyze Logs for Suspicious Activity
Analyzing security logs is a helpful tool for identifying possible suspicious or unusual activity. Review security logs regularly to spot odd activities, such as logins or application executions, after regular business hours.
This process helps to identify cyber criminal activities, but if a breach occurs, analyzing the log offers forensic help to determine the root cause.
4) Keep Systems Patched and Current
All systems and applications must be patched to prevent cyber criminals and hackers from exploiting existing vulnerabilities to access systems. Patches are excellent for identifying and correcting vulnerabilities in software and applications that could leave them vulnerable to cyber-attacks.
Regular updates and patches can also fix bugs, improve features, or help the app operate more effectively. These measures don't prevent all cyber crimes, but they make your organization a more difficult target.
5) Use Strong Passwords and Protect Privileged Access
Weak or outdated passwords are a source of vulnerability in your organization. Employees should always use strong passwords and change them regularly. Passwords are only "good" for a few years, if not less, and most applications don't have a system to alert users to weak or outdated passwords. Help employees move passwords into the background using a password manager to help auto-generate strong, complex, unique passwords for each account.
Employees with multiple accounts and passwords are at heightened risk if they reuse them across multiple sites. You can implement an enterprise password and account vault to manage secure credentials across your organization.
Likewise, for privileged accounts. Employees with privileged access can leave a threat to the entire network. All it takes is to compromise one account to allow a malicious hacker to move through the whole network. Always identify privileged accounts and applications and remove administrator rights if they're not necessary. All accounts should have two-factor authentication as well.
6) Don't Allow the Installation of Unapproved or Untrusted Applications
Privileged access allows users to install and execute applications, which leaves a weakness depending on where the installation was sourced. Ransomware and malware can infect the system easily, giving the hacker access to install tools to maintain access for the future.
It may seem difficult, but privileged access makes this process simple for the criminal. All it takes is a user reading an email, clicking on a link, or opening a document that allows a malicious hacker to install tools on the device undetected. Now, the attacker has access to launch attacks or demand ransom for valuable data.
Any users with privileged access should not have an opportunity to install or execute applications without authorization or verifying the application's reputation.
7) Be Deceptive
Predictability is something criminals thrive on. Whether it's a burglar looking for a homeowner with a routine or a malicious hacker looking for predictability in user behaviors, knowing what to expect helps them plan. Automation becomes a problem since scans and patches are run on the same day or time of the month.
Be deceptive and unpredictable. Take an ad-hoc approach to updates and assessments. Attackers not only have fewer opportunities to attack but can't hide in your system as easily.
Fight Cyber Crime in Your Organization
All organizations face the threat of cyber crime. As technology becomes more commonplace, it's likely to continue. Organizations that take a proactive approach are better positioned to protect themselves from cyber threats. Then, if a breach does happen, these same measures can help you identify them and mitigate their effects before they can damage your financial or reputational health.