Cyber security framework
Cyber security whitepaper framework:
Whatever your business or working style, cyber-threats are now a fundamental part of everyone’s lives. With ransomware growing by 400% in the past 12 months, according to Microsoft, and 53% of attacks focused on small and medium-sized businesses, according to Symantec, understanding how to protect yourself and your business is a necessary skill in this digital age.
But navigating the sea of cyber security solutions is complicated. They fall into a few categories: detection, prevention, and recovery. In other words, solutions that can detect issues, either actual or potential, solutions that help to prevent problems, and solutions that enable a speedy recovery.
There are four fundamental activities every IT department or IT provider should perform. These are:
1. Patch management, which involves ensuring all IT assets have the appropriate vendor security updates applied.
2. Upgrade management, which involves ensuring you are running a supportable and current version of your software applications.
3. Email filtering, which performs rudimentary analysis of emails to remove high-risk content or emails sent from disreputable sources.
4. Proactive vulnerability assessment across your IT estate.
Because most security solutions are designed against a known threat, they are always playing catch-up, and no security measure allows you to completely eradicate risks. Unfortunately, the largest risks are also your biggest assets – your people.
The weakest link in the security chain
When it comes to cyber security it isn’t devices, technology or software that are the greatest threat to a business. Instead, it is the human factor, the employee that clicks on a link, chooses a weak password, loses a mobile device or unwittingly gives out data that cyber attackers can use to gain access to valuable assets. The 2016 Cyber Security Intelligence Index stated that 60% of all attacks were carried out by insiders, both inadvertently through human error, and due to malicious intent.
In a typical day we are all exposed to a wide range of risks, from the moment we wake up and access our mobile phones, during our commute and even when we get to the office.
The morning commute
Catching a bus or train or waiting around airport boarding lounges exposes us to cyber threats. We’re at risk of physical device access and data interception. Connecting to public Wi-Fi or leaving Bluetooth enabled on smartphones, tablets and laptops poses a danger. It allows open access and enables strangers to clone your phone. And with more of us holding business emails and documents on our mobile devices, any breach can be very serious.
The solution to this is using mobile device management (MDM), which helps to separate business and personal data. Furthermore, ensuring staff use an encrypted phone (like an iPhone) with a complex PIN or biometric access is important to protect the data should the phone be lost or stolen.
At the office
Good IT behaviours are required while working within an office environment. This means locking your PC when away from your desk, taking care when browsing the internet, especially when downloading files, and using caution when opening email attachments and emails, especially those requesting password resets or payment of invoices.
Just consider business email compromise (BEC) scams: legitimate-looking emails from suppliers, vendors or even the company’s own CEO are spoofed and sent requesting password resets, demanding that invoices be paid or notifying the recipient of the need for a purchase order. This type of fraud is rising exponentially, with the FBI in the US estimating that organisations lost $2.3 billion (£1.7 billion) in the last three years. The law enforcement agency also noted a 270% increase in the incidence of BEC scams since the start of 2016.
Users often use the same password for multiple websites. A breach of any one of these sites therefore dramatically increases the risk of hackers getting access to the others.
We advise using different credentials for different sites.
Users are also guilty of connecting non-corporate devices, such as USB sticks, to networks, which can introduce viruses. In addition, one of the dirtiest words for any IT team is: password. The use of weak passwords or not updating them regularly poses a tremendous risk to companies. Weak passwords enable ransomware to infect internal resources. Research by the UK government shows that only 35% of people will follow password advice.
Going to meetings outside of the office
Most of us boast that with the right Wi-Fi we can work from anywhere: a coffee shop, waiting for a flight, or on-site with a customer. However, whenever we connect to public or foreign Wi-Fi access points we need to remember that all data to and from our devices can be captured. And any vulnerabilities on the device could be exploited by anyone with access to the same Wi-Fi network. If the Wi-Fi is in a public place, it’s possible that anyone on the internet now has access to your device, especially older machines or those with weak passwords. As a result, having a good firewall and MDM solution is critical.
A deeper look at user behaviour
In addition to being exposed to risks throughout the day, we are also made vulnerable via our actions. Technology exists to make our lives easier, but we need to be aware of the fact that as much as we can be more productive, flexible and efficient, cyber criminals are using the same technology to take advantage of us.
Users spend 25%-40% of their time using email
15%-25% of time is spent using web browsers
Most internet browsing is done between 7-9am, and at lunchtime as people browse the internet while having lunch at their desks
People are most vulnerable while browsing at lunchtime as this is the time they will venture into unexplored territory while clicking through links
Internet browsing & Email
Surfing is a common medium that viruses and hackers exploit. Ensuring your browser is set to High Safety and that you are using the newest browser version and Java release is vital in minimising the risk of infection. Furthermore, many virus scanners provide internet filtering capabilities to analyse all internet traffic for dangerous content.
Companies also need to instigate and enforce policies around downloading items from non-sanctioned websites or using software programmes that are not vetted by IT.
Email has always had its risks, but due to the growing sophistication of ransomware, more and more users are falling foul of deceptive emails which apparently originate from people they know. Anti-spam and virus filtering solutions can dramatically reduce the risks, but ensuring users are always vigilant through cyber-training is important.
In today’s business environment, where remote working is a part of daily life, VPNs or remote desktop services are common ways of accessing corporate resources. But any service that requires users to log in with usernames and passwords is at risk of a third party gaining access. Ensuring all users have strong passwords, with lock-out policies that disable accounts after three failed login attempts, is vital. Newer technologies like Direct Access provide a secure link for pre-authorised devices, which negates the need for usernames and passwords, providing improved security to users.
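An added example, not part of the original whitepaper: one way to check that the three-failed-attempts lock-out policy described above is actually being enforced, by replaying authentication events in time order. The event format, the outcome labels (FAIL, SUCCESS, UNLOCK) and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

LOCKOUT_THRESHOLD = 3  # the text's policy: disable after three failed logins

# Constructed sample events (ISO timestamp, account, outcome); not real log data.
SAMPLE_EVENTS = [
    ("2024-01-10T08:01:00", "alice", "FAIL"),
    ("2024-01-10T08:01:20", "alice", "FAIL"),
    ("2024-01-10T08:01:45", "alice", "SUCCESS"),  # resets alice's counter
    ("2024-01-10T08:30:00", "alice", "FAIL"),
    ("2024-01-10T12:10:00", "bob", "FAIL"),
    ("2024-01-10T12:10:05", "bob", "FAIL"),
    ("2024-01-10T12:10:09", "bob", "FAIL"),       # threshold reached
    ("2024-01-10T12:10:15", "bob", "SUCCESS"),    # accepted after lock-out point
    ("2024-01-10T13:00:00", "carol", "FAIL"),
    ("2024-01-10T13:00:10", "carol", "FAIL"),
    ("2024-01-10T13:00:20", "carol", "FAIL"),
    ("2024-01-10T13:05:00", "carol", "UNLOCK"),   # hypothetical admin reset event
    ("2024-01-10T13:06:00", "carol", "SUCCESS"),
]

def audit_lockout(events, threshold=LOCKOUT_THRESHOLD):
    """Replay events; return (accounts that should be locked, policy violations).

    A violation is a SUCCESS recorded while the account should have been
    disabled, which means the lock-out policy is not being enforced.
    """
    consecutive = defaultdict(int)  # account -> consecutive failed logins
    locked = {}                     # account -> time the threshold was reached
    violations = []                 # (timestamp, account)
    for ts, account, outcome in sorted(events):
        if outcome == "UNLOCK":
            consecutive[account] = 0
            locked.pop(account, None)
        elif account in locked:
            if outcome == "SUCCESS":
                violations.append((ts, account))
        elif outcome == "SUCCESS":
            consecutive[account] = 0
        elif outcome == "FAIL":
            consecutive[account] += 1
            if consecutive[account] >= threshold:
                locked[account] = ts
    return locked, violations

if __name__ == "__main__":
    locked, violations = audit_lockout(SAMPLE_EVENTS)
    print("Should be locked:", locked)
    print("Logins accepted after lock-out point:", violations)
```
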
Caution should always be taken when providing a device to a third party, especially if they need to log into the machine. Therefore any repairs should be performed by individuals who are authorised to read the information that resides on the device.
The cyber threat landscape is dangerous. Criminals and attackers are finding more sophisticated ways of breaching company networks, taking advantage of unwitting employees and exploiting valuable assets. This poses a serious risk to organisations, which can lose business due to these breaches, suffer reputational damage and be fined. There are, however, processes and procedures that can be used to ensure organisations and individuals are protected. Staff education also plays an incredibly important role, as users are the weakest link in the cyber security chain. Working with an IT security provider can bring great value to any protection strategy and go a long way towards keeping devices, networks and employees safe from online threats.