In a world in which many companies of iconic value (think Paypal, Yahoo, Sony and more) have been hacked, along with a number of military superpowers, companies can never be too careful in protecting their internal data. And yet, often times, organizations neglect to adhere to some of the most basic security practices. The result? Mass data breaches, system hacks, and an average financial loss, as estimated by Ponemon Institute research, of $154 per hacked record, and $3.79 million per organization!
To help keep your organization safe from hacks, we polled some of the top IT security companies and asked them to share their favorite tips and best practices for maintaining a secure environment. So how do they do it?
1. Educate your employees
According to TechRepublic, one in every ten websites gets infected by "drive-by" malware. With thousands of viruses and spyware programs out there, it’s easy for employees to accidentally fall victim of an attack. That is why according to Nick Santora, CEO at Curricula Curricula, the first step to maintaining your company’s security, lies in educating your employees using cyber security awareness training. This includes a company-wide understanding of: avoiding suspicious websites that offer pirated materials, safe browsing and privacy, using strong passwords, and never accessing work materials using public wifi networks without a virtual private network or VPN.
2. Device Fingerprinting
This fairly new tool allows companies to gather IP-agnostic information from the source of incoming traffic, enabling organizations to better understand and predict whether it poses a possible threat. According to Carl Herberger, Vice President of Security Solutions a Radware, "As hackers continue to leverage false and automated traffic to overload networks and take them down, having a tool in place, like device fingerprinting to identify authentic traffic from harmful traffic, will only continue to become more crucial for shoring up network security."
3. Eliminate Insider Threats
According to a recent study conducted by Intel, 43% of company data leaks occur from internal sources. Yet the majority of companies focus their resources on protecting themselves from external breaches, while leaving their data exposed internally. Insider threat detection platforms such as Teramind, allow companies to monitor and track employee behavior , releasing an alert in the event of an attempted data breach, such as:emailing a competitor, printing confidential data, deleting important files or copying data to a USB drive. Isaac Kohen, CEO of Teramind states "most companies haven’t thought about a program to combat malicious users from the inside, but in today’s business world it should be a top priority because too many people have access to sensitive data."Teramind offers companies an easy to integrate cloud-based threat detection solution.
4. Cyber Safety Net
As hackers grow more sophisticated in their methodology, it's not a matter of if, rather a matter of when your company will get hacked. The key to maintaining your security lies in using a cyber safety net to stop the hacker as swiftly as possible, before costly damage is incurred. Cyber analytics provide that safety net, giving the security team a ready means of detecting hackers once they’ve already penetrated the system’s defenses and are hiding amidst the company’s network data.
As Stu Bradley, VP of Cybersecurity Solutions at SAS explains, "Using sophisticated, automated algorithms that quickly sift through the ocean of network, security and relevant business data, security analytics enable companies to identify a cyber intruder by bringing to light suspicious network activity that might otherwise go unnoticed." Once the hacker is identified he can be promptly and efficiently stopped in his tracks.
5. Secure the Breach with Encryption and Two Factor Authentication.
Two factor authentication, or 2FA, has become a crucial step in maintaining organizational cyber security. Requiring a piece of data that only the user has, such as a code received via SMS or email, is a crucial component of protection against password-based attacks. As CTO of Data Protection at Gemalto, Jason Hart explains, "In addition to authenticating users with dynamic 2FA, data protection requires encryption and proper key management as part of any cyber security strategy. If the proper key management system isn’t implemented, records are at risk of being easily decrypted." Such was the case in the famous August 2016 Dropbox hack, which exposed a whopping 70 million passwords and user email addresses. 2FA is a cost-effective, yet strong security measure, so make sure to utilize it across all your company’s data systems.
6. Data Loss Prevention
As the web continues to rapidly expand, so does the explosion of data. In fact, it’s estimated that by 2020, the digital universe will reach 44 zettabytes! But the more data we create, the harder it becomes to protect. That’s why Justin Jones, IT Manager at Granite Ridge Builders, advocates the usage of data protection software, as a crucial element in maintaining organizational cyber security.
DLP provides the detection and prevention of unauthorized transmission of company data to outside parties. Should precious data get stolen, backup files are maintained. In the case of Granite Ridge Builders, an Acronis client that experienced a SMRSS32 ransomware hack targeted at their accounting file server, the client was able to save 17 years of accounting data and millions of dollars in ransom payments, thanks to the help of Acronis’s backup and recovery data protection software.
7. Browser Isolation
Most malware today makes its way through the user’s web browser. To prevent such, browser isolation maintains a ‘virtual air gap’ between the trusted network and the untrusted web. As Zuly Gonzalez, Co-founder and CEO of Light Point Security explains, the idea behind browser isolation is that "instead of trying to detect which web content is safe and which web content is not, let's assume all web content is malicious and stop any of it from reaching your network." Browser Isolation has been named by Gartner as one of the top 10 technologies for information security in 2016, and has begun to popularly appear in strictly regulated environments, such as Industrial Control Systems and heavily restricted government networks.
8. DNS Firewalls
DNS Firewalls or resolvers act as a virtual moat that surrounds your organization’s DNS system, by creating a protective barrier against outside threats from known malicious sources. A DNS firewall will provide immediate feedback to your team, in the event of spear-phishing, infiltration and other malware attacks. As Paul Mockapetris, DNS inventor and Chief Scientist for ThreatSTOP explains, "Most of the time, if you just shut down the outbound conversations between malware and the attackers, they will lose interest and move on." ThreatSTOP offers its own unique cloud-based DNS firewall solution that easily turns any DNS server into a DNS firewall, avoiding the need for additional outside software or hardware.
9.Program Based Security
The quicker a security breach is responded to, the faster the damage can be curved. The question often lies however, what issue should be dealt with first? Program based security strategies provide organizations with comprehensive vulnerability intelligence, enabling them to strategically prioritize defense and remediation tasks, should a cyber security attack occur.
As Gidi Cohen, Founder and CEO of Skybox Security explains, "The complexity and number of threats occurring today, combined with the volume of enterprise security tools used to address those threats, require security leaders to take a completely different approach to building their programs." Such is the nature of the program based security approach offered by cyber security companies like Skybox, which enable effective and efficient organizational remediation, in the event of hack.
10. Moving Target Defense
According to Morphisec's CEO Ronen Yehoshua, the key to maintaining cyber security today does not lie in one particular practice, rather in a multi- layer approach. The key is to create a cyber security stack that offers a wide range of strategical and operational securities. Ronen enumerates, "An optimal endpoint stack should start with an effective and efficient prevention stack that catches the bulk of attacks for the lowest cost." He recommends combining new technologies such as Moving Target Defense, along with traditional and inexpensive practices, such as the use of a robust anti-virus software, and augmented memory protection.
As the above suggestions reveal, there is not one perfect security solution to hacking and data breaches.The threats are numerous, new technologies and breach methodologies continue to proliferate, and the source of the threat can come from just about anywhere. The trick to remaining safe lies in being aware that yes, your organization's data is at risk -both internally and externally-, and making sure to take active measures to keep yourself protected.