Cybersecurity strategies tend to be stable from year to year, changing only to accommodate budget fluctuations. Cyber threats, however, change much more rapidly, specifically to outsmart defenses such as last year's anti-virus software and malware prevention techniques. Approximately 1.4 million phishing websites are created every month, resulting in an average loss of half a billion dollars per year. A study conducted by the University of Erlangen-Nuremberg showed that at least 45% of respondents fell victim to a phishing email sent by the university. By gaining access to a user's login and password details, cyber criminals can take control of the victim's social network, email, and online bank accounts.
Despite these realities, organizations still rely on firewalls and threat monitoring as the foundation of their security strategies instead of implementing stronger and more advanced cybersecurity strategies. It is important that an organization’s cybersecurity strategy adapts to the threat landscape, even if this means unlearning a few habits from the past.
Here are a few essential steps to follow to create a more efficient cybersecurity strategy:
1. IT and Business Needs Must Align
According to the Telstra Cyber Security Report 2017, when asked how important cybersecurity within an organization was, 35.5% of board members said that it was very important, 34.9% thought it was important, 22.4% remained neutral, and the remaining board members rated it low. However, only 16.4% of board members have a very high level of involvement in cybersecurity initiatives of the organization.
As the involvement of IT in business expands, there is a greater need for organizations to align their IT objectives with their business goals. With the rise in cybercrime costs around the world, the best enterprise leaders are now recognizing that cyber risks are indeed business risks.
What board members find important may not be a priority for information security professionals, and vice versa. This is why communication between board members and cybersecurity professionals is essential to the proper security and safety of the company. Cybersecurity awareness and involvement ought to be a top priority for board-level members.
2. Continuous Cybersecurity Awareness and Training
KPMG’s Cybersecurity Benchmark Report 2017 shows that 28% of all companies in the survey stated that security awareness is the most frequent cybersecurity topic in annual reports.
Training is more than just checking a compliance box. When done correctly, it helps organizations align their security practices with their business needs. Despite the advancements in artificial intelligence, humans still play the most important role in maintaining a safe and secure cyberspace. This is why cybersecurity awareness ought to be the most important security role within an organization, with a focus on training employees, security personnel, privileged users, third-party vendors, and board members alike.
A good cybersecurity training program includes focusing on topics such as:
- The importance of keeping software updated, maintaining backup routines, practicing safe social media habits, and recognizing phishing emails.
- Knowing how to handle critical situations.
- Ensuring that the practices and policies being taught are actually followed.
3. Analyze Where Protection is Required
Cybercriminals are working at an extremely aggressive pace, always aiming for the organization's crown jewels: critical assets and sensitive data. Despite the fact that 80% of breaches in an organization involve stolen or weak credentials, only 40% of those companies provide adequate protection to privileged accounts. In fact, 80% of the companies do not know where this sensitive data is located or how secure it is.
An organization's critical assets can reside anywhere in the virtual world, as employees, customers, and company partners turn to cloud-based technologies to access and share business information. To ensure proper protection, organizations must perform explicit risk assessments on their critical information assets. This helps them develop appropriate tactics for achieving continuity and recovery in the event of a data breach.
4. Monitor and Update Constantly
Most companies can identify certain vulnerabilities and patch their systems to prevent threats from impacting their operations. However, not all companies verify that their security training investments are actually working, let alone that their disaster recovery plan is appropriate to their needs.
Although monitoring threat and vulnerability feeds is important, it may not be enough to protect an organization. To improve a company's security posture, one must be willing to address the changing threat landscape head-on.
Here are a few steps to follow to ensure an effective overall approach:
- Implement an asset inventory that regularly scans assets and quickly identifies vulnerabilities.
- Adopt a mitigation process to prioritize and remediate vulnerabilities.
- Consolidate threat intelligence.
5. Protect Beyond Your PII
At least one in every 131 emails sent carries malware, and approximately 230,000 new malware samples are produced every day. Much of this malware carries ransomware, and although people are well aware of the dangers of clicking on unknown links in an email, 78% of people still admitted to doing so. Ransomware attacks increased by 36% in 2017 alone and are expected to rise even higher in the years to come.
The world of cybercrime has advanced into an era of blackmail. Ransomware has become a major threat to privacy and personally identifiable information (PII), as criminals not only encrypt the data but also exfiltrate a copy from computer systems and mobile devices for use in blackmail. Criminals then use the information to collect a ransom in periodic installments.
It is important for organizations to understand the value of employees’, customers’, and the company’s data and to devise ways to manage, track, monitor, and secure personal data interactions and transactions.