Protecting the digital ecosystem is critical to the survival of any enterprise today. Attackers are more sophisticated than ever, and the tooling they use to breach networks keeps raising the cyber-risk to the enterprise.
A determined and focused attacker has many ways into a network. One of the simplest is a phishing message carrying an obfuscated link: an unsuspecting employee clicks it and enters login credentials on a lookalike page, handing the attacker a valid account. Without multi-factor authentication, that one credential is often enough.
Thwarting cyber threats calls for a four-pronged framework of prevention, detection, recovery, and analysis, supported by the people to run it.
1. Prevent the Threat
As the adage goes, “prevention is better than cure.” Prepare the network and the enterprise to pre-empt attacks rather than trying to ward them off once they are under way.
Monitor the Network
Network visibility is the first step in a successful cybersecurity plan. Monitor traffic in and out of the network. An anomaly-based intrusion detection system (IDS) learns what normal traffic looks like and raises an alert at the earliest signs of deviation, such as a host sending far more data outbound than usual or a device contacting a service it has never used. An IDS only alerts; pairing it with an intrusion prevention system or automated response (blocking the flow, isolating the host) is what stops data loss or ransomware before it spreads. Security staff receiving the alert can then take remedial action in real time. Expect to tune the baseline: anomaly detection produces false positives until it has seen the network's normal rhythms.
Monitor traffic from firewalls, routers, switches, and every other Internet access point. Pay special attention to IP-enabled cameras, webcams and web-connected printers, which are rarely patched and often ship with default credentials. Attackers compromise webcams to spy on employees or management meetings, and recruit them into botnets for DDoS attacks; the Mirai botnet of 2016 was built largely from IP cameras and DVRs with factory passwords. In November 2018 an attacker found tens of thousands of printers exposing their raw print port (TCP 9100) to the Internet and made them print leaflets urging people to subscribe to PewDiePie. Any inbound connection from the Internet to a printer or camera port is a finding, not noise.
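The kind of anomaly-based check described above, as an added example rather than code from the original article or any IDS product: it learns a per-host egress baseline from one window of flow records and then flags three deviations in a later window (an Internet host connecting straight to a printer or camera service port, an internal host sending far more than its baseline, and a host using a destination port it has never used). The flow records are constructed, and the internal address prefix and the device-port table are assumptions.

```python
"""Anomaly-based flow monitoring: learn a per-host baseline, then flag deviations.

Added example, not code from the original article. The flow records are
constructed, and the internal prefix and device-port table are assumptions.
"""
from collections import defaultdict
from statistics import mean, pstdev

INTERNAL_PREFIX = "10."          # assumption: the corporate LAN is 10.0.0.0/8
DEVICE_SERVICE_PORTS = {         # assumption: ports that printers/cameras expose
    9100: "raw printing (JetDirect)",
    554: "RTSP camera stream",
    23: "telnet management",
}

# Constructed baseline window of flows: (src_ip, dst_ip, dst_port, bytes)
BASELINE_FLOWS = [
    ("10.0.1.5", "93.184.216.34", 443, 120_000),
    ("10.0.1.5", "93.184.216.34", 443, 95_000),
    ("10.0.1.5", "151.101.1.69", 443, 130_000),
    ("10.0.1.5", "151.101.1.69", 80, 110_000),
    ("10.0.1.9", "203.0.113.20", 443, 2_000),    # IP camera checking in with vendor cloud
    ("10.0.1.9", "203.0.113.20", 443, 2_500),
    ("10.0.1.9", "203.0.113.20", 443, 1_800),
    ("10.0.1.5", "10.0.2.10", 445, 50_000),      # internal SMB, not egress
]

# Constructed live window to inspect
LIVE_FLOWS = [
    ("10.0.1.5", "93.184.216.34", 443, 105_000),   # normal browsing
    ("10.0.1.5", "198.51.100.7", 4444, 3_000),     # never-used port: possible C2
    ("10.0.1.5", "198.51.100.7", 443, 2_400_000),  # bulk upload: possible exfiltration
    ("198.51.100.7", "10.0.1.9", 554, 800),        # Internet host reaching the camera
    ("203.0.113.45", "10.0.1.30", 9100, 1_200),    # Internet host reaching a printer
    ("10.0.1.9", "203.0.113.99", 80, 900_000),     # camera flooding a web server (DDoS)
    ("10.0.1.77", "203.0.113.99", 443, 4_000),     # host with no baseline at all
]


def is_internal(ip):
    return ip.startswith(INTERNAL_PREFIX)


def build_baseline(flows):
    """Per internal host: list of egress byte counts and the set of ports used."""
    egress_bytes = defaultdict(list)
    egress_ports = defaultdict(set)
    for src, dst, dport, nbytes in flows:
        if is_internal(src) and not is_internal(dst):
            egress_bytes[src].append(nbytes)
            egress_ports[src].add(dport)
    return egress_bytes, egress_ports


def detect(baseline_flows, live_flows, z=3.0):
    """Return (kind, host, detail) alerts for flows that deviate from the baseline."""
    egress_bytes, egress_ports = build_baseline(baseline_flows)
    alerts = []
    for src, dst, dport, nbytes in live_flows:
        if not is_internal(src) and is_internal(dst):
            # Inbound from the Internet straight to a device service port
            if dport in DEVICE_SERVICE_PORTS:
                alerts.append(("exposed_device_service", dst, dport))
            continue
        if not (is_internal(src) and not is_internal(dst)):
            continue  # internal-to-internal traffic is out of scope here
        history = egress_bytes.get(src)
        if not history:
            alerts.append(("unbaselined_host", src, dport))
            continue
        mu, sd = mean(history), pstdev(history)
        # A flat history gives sd ~ 0, so also require a threefold jump
        # before calling a flow a spike.
        if nbytes > mu + z * sd and nbytes > 3 * mu:
            alerts.append(("egress_volume_spike", src, nbytes))
        if dport not in egress_ports[src]:
            alerts.append(("new_egress_port", src, dport))
    return alerts


if __name__ == "__main__":
    for kind, host, detail in detect(BASELINE_FLOWS, LIVE_FLOWS):
        print(f"{kind:24} {host:15} {detail}")
```

On the constructed data the normal browsing flow passes silently, the 2.4 MB upload and the unknown port 4444 on the same workstation are flagged separately, the camera is reported both for being reachable from the Internet and for its sudden outbound flood, and a host with no history at all gets its own alert rather than a silent pass. The threefold guard matters in practice: a host whose baseline is a handful of near-identical flows has a standard deviation near zero, and a pure z-score would flag every slightly larger flow.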
Sanitize the Ground Level
Do not underestimate the physical security of corporate offices and data centres.
- Limit access to data centres and other sensitive areas to employees whose role requires it, and log every entry.
- Install badge or biometric access systems so that only current, authorised employees get in, and revoke access the day someone leaves.
- Strong multi-factor logins stop stolen credentials from being reused; against rogue insiders, who already hold valid credentials, pair them with least-privilege access and audit logging.
- Physically lock down hardware (cable locks, locked racks, disabled unused USB and console ports) to prevent intrusions on the sly.
Make sure cloud service providers apply equivalent controls in their data centres; their audit reports (for example SOC 2 Type II reports or ISO 27001 certificates) are the evidence to ask for.
Track Hardware
Use a remote monitoring and management (RMM) solution to keep an inventory of physical equipment such as laptops and BYOD smartphones. Make sure each device runs the required security agents and configuration (disk encryption, endpoint protection, current patches) before it is allowed onto the network.
Build User Awareness
Identify threats and vulnerabilities in the enterprise, including the supply chain, and remediate the vulnerabilities. Build awareness of the external threat landscape and train users to recognise its symptoms, such as phishing messages and unexpected requests for credentials. Offer regular, ongoing education on best practices and risky behaviour.
2. Detect and Defeat
Much malware gets past network monitoring. Once it does, it is up to the endpoint protection suite to detect it fast and stop it cold.
Traditional antivirus performs scans and checks file signatures against a list of known malware, so its success depends on keeping that list updated. Modern endpoint protection adds behavioural and heuristic detection, looking at what a program does rather than what it looks like: ransomware, for instance, typically adds a persistence entry in the registry, deletes volume shadow copies and other backups, and renames files en masse with a new extension. Processes that indulge in activities typical of malware are killed and their files quarantined.
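What behavioural detection looks like in practice, as an added example that is neither the article's code nor any vendor's engine: it scores a stream of endpoint events (process launches, registry writes, file renames) against a few ransomware behaviours and turns the score into a quarantine decision. The event format, rule weights and thresholds are assumptions, and the events are constructed; the benign cases show why single signals are scored rather than blocked outright.

```python
"""Behavioural scoring of endpoint events for ransomware-like activity.

Added example, not the article's or any vendor's code. The event format
and rule weights are assumptions; the events below are constructed.
"""
import re
from collections import defaultdict

SHADOW_DELETE = re.compile(
    r"vssadmin(\.exe)?\s+delete\s+shadows|wmic.*shadowcopy\s+delete|wbadmin(\.exe)?\s+delete\s+catalog",
    re.I,
)
RECOVERY_OFF = re.compile(r"bcdedit.*(recoveryenabled\s+no|bootstatuspolicy\s+ignoreallfailures)", re.I)
RUN_KEY = re.compile(r"\\CurrentVersion\\Run\\", re.I)
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Downloads)\\", re.I)
RENAME_THRESHOLD = 10   # assumption: this many extension changes by one process

# Constructed event stream (Sysmon-like). ppid attributes a spawned tool to its parent.
EVENTS = [
    {"event": "process_create", "pid": 4100, "image": r"C:\Users\alice\AppData\Local\Temp\invoice.exe",
     "cmdline": "invoice.exe"},
    {"event": "registry_set", "pid": 4100,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "value": r"C:\Users\alice\AppData\Local\Temp\invoice.exe"},
    {"event": "process_create", "pid": 4101, "ppid": 4100, "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin.exe delete shadows /all /quiet"},
    {"event": "process_create", "pid": 4102, "ppid": 4100, "image": r"C:\Windows\System32\bcdedit.exe",
     "cmdline": "bcdedit /set {default} recoveryenabled no"},
    # benign: an admin listing shadow copies from an interactive shell
    {"event": "process_create", "pid": 5200, "ppid": 5000, "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin list shadows"},
    # benign: an installer in Program Files registering its own agent
    {"event": "registry_set", "pid": 6100,
     "key": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VendorAgent",
     "value": r"C:\Program Files\Vendor\agent.exe"},
    # benign: a single export that changes an extension
    {"event": "file_rename", "pid": 6200, "path": r"C:\Users\alice\Documents\memo.docx",
     "new_path": r"C:\Users\alice\Documents\memo.pdf"},
]
# The malware renaming a dozen documents with a new extension
EVENTS += [
    {"event": "file_rename", "pid": 4100, "path": rf"C:\Users\alice\Documents\q{i}.xlsx",
     "new_path": rf"C:\Users\alice\Documents\q{i}.xlsx.locked"}
    for i in range(12)
]


def extension(path):
    name = path.rsplit("\\", 1)[-1]
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


def score_events(events, rename_threshold=RENAME_THRESHOLD):
    """Accumulate a suspicion score per process, with the reasons behind it."""
    scores = defaultdict(int)
    reasons = defaultdict(list)
    renames = defaultdict(int)
    for ev in events:
        if ev["event"] == "process_create":
            actor = ev.get("ppid", ev["pid"])  # credit the parent that launched the tool
            if SHADOW_DELETE.search(ev["cmdline"]):
                scores[actor] += 5
                reasons[actor].append("shadow copy deletion")
            if RECOVERY_OFF.search(ev["cmdline"]):
                scores[actor] += 4
                reasons[actor].append("boot recovery disabled")
        elif ev["event"] == "registry_set":
            if RUN_KEY.search(ev["key"]) and USER_WRITABLE.search(ev["value"]):
                scores[ev["pid"]] += 3
                reasons[ev["pid"]].append("Run-key persistence from a user-writable path")
        elif ev["event"] == "file_rename":
            if extension(ev["path"]) != extension(ev["new_path"]):
                renames[ev["pid"]] += 1
                if renames[ev["pid"]] == rename_threshold:
                    scores[ev["pid"]] += 5
                    reasons[ev["pid"]].append("mass rename to a new extension")
    return scores, reasons


def verdict(score):
    """Map a score to an action; thresholds are assumptions to tune per estate."""
    if score >= 8:
        return "quarantine"
    if score >= 4:
        return "alert"
    return "clean"


if __name__ == "__main__":
    scores, reasons = score_events(EVENTS)
    for pid, score in sorted(scores.items()):
        print(pid, score, verdict(score), "; ".join(reasons[pid]))
```

The process launched from a Temp directory collects all four signals and is quarantined, while the administrator merely listing shadow copies, the installer writing a Run key from Program Files, and the single document export score nothing. Crediting a spawned `vssadmin` or `bcdedit` to its parent is what ties the signals together; scoring the child alone would leave the real culprit untouched.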
Web filtering protects against drive-by downloads, phishing sites, and typosquatted or hijacked domains.
A comprehensive endpoint solution integrates automated patch management to find unpatched software. Patch management alone would have saved many enterprises from the WannaCry ransomware attack of May 2017: the MS17-010 patch for the SMBv1 flaw it exploited had been available since March 2017.
Many enterprises deploy unified threat management (UTM) appliances that combine network intrusion detection, firewall, antivirus, email spam protection, and web filtering in one box. A single box is also a single point of failure and a single vendor's detection logic, so it complements rather than replaces endpoint protection.
3. Recover and Encrypt
Antivirus suites are not bulletproof. Enterprises have to deploy additional layers of digital security.
Strong encryption, at rest and in transit, blocks unauthorised access to personally identifiable information and commercially important data; it is only as strong as the key management behind it, so keys belong in a hardware security module or a cloud key management service, not alongside the data they protect. A data management programme with strict protocols tracks who accesses sensitive data and when. It also fixes responsibility in case of mishaps.
A disaster recovery plan covering both data and equipment enables swift recovery. A good backup solution restores systems quickly after ransomware, fire, corruption, or data loss, provided the backups are kept offline or immutable (ransomware routinely hunts for and encrypts any backup it can reach) and restores are rehearsed rather than assumed to work. Selecting cloud providers that offer redundancy also enables a quick rebound after an attack.
4. Analyse the Threats
Securing the network is not a one-time activity. A committed security team is always on its toes, seeking out new threats and checking that existing security deployments still function as intended.
- Understand the cyber risks relevant to the business through assessments and simulations. For instance, an online marketer who spends the day on unfamiliar websites and opening inbound mail is highly exposed to phishing; a phishing simulation shows how exposed, and its results point to the precautions needed.
- Develop a policy on software. Allow only approved, allow-listed applications to run.
- Perform penetration testing and vulnerability scans to assess the state of the network. Engage specialised managed security service providers (MSSPs) if the internal talent is lacking.
- Deploy security information and event management (SIEM). A SIEM collects logs from across the estate, correlates them (repeated failed logins followed by a success, a known-bad host talking to an internal server) and supports forensic analysis after the fact. It triggers alerts on known-bad hosts, unauthorised USB devices, and more. Block malicious domains and hosts based on the SIEM's findings.
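A correlation rule of the kind a SIEM runs, as an added example that is not the article's code and not any SIEM product's rule syntax: it parses sshd-style authentication lines, keeps a sliding window of failures per source address, raises one alert when a burst of failures is followed by a successful login from the same source, another when the burst never succeeds, and a third when a successful login comes from an address on a threat-intelligence list, then emits the blocklist the text says should feed the firewall. The log lines, the threat-intel set and the thresholds are constructed or assumed.

```python
"""SIEM-style correlation over constructed SSH authentication logs.

Added example, not the article's code and not any SIEM product's rule
syntax. Log lines, the threat-intel set and the thresholds are constructed
or assumed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<outcome>Accepted|Failed) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+)"
)
KNOWN_BAD = {"192.0.2.77"}   # constructed threat-intel feed

LOG = """
2024-03-02T09:00:01 bastion sshd[1201]: Failed password for alice from 198.51.100.23 port 51022 ssh2
2024-03-02T09:00:05 bastion sshd[1203]: Failed password for bob from 198.51.100.23 port 51023 ssh2
2024-03-02T09:00:09 bastion sshd[1205]: Failed password for invalid user carol from 198.51.100.23 port 51024 ssh2
2024-03-02T09:00:13 bastion sshd[1207]: Failed password for dave from 198.51.100.23 port 51025 ssh2
2024-03-02T09:00:17 bastion sshd[1209]: Failed password for erin from 198.51.100.23 port 51026 ssh2
2024-03-02T09:00:21 bastion sshd[1211]: Failed password for frank from 198.51.100.23 port 51027 ssh2
2024-03-02T09:00:30 bastion sshd[1213]: Accepted password for frank from 198.51.100.23 port 51028 ssh2
2024-03-02T09:10:00 bastion sshd[1300]: Failed password for alice from 10.0.5.4 port 40001 ssh2
2024-03-02T09:10:05 bastion sshd[1302]: Accepted password for alice from 10.0.5.4 port 40002 ssh2
2024-03-02T10:00:00 bastion sshd[1400]: Failed password for root from 203.0.113.9 port 60001 ssh2
2024-03-02T10:00:10 bastion sshd[1402]: Failed password for root from 203.0.113.9 port 60002 ssh2
2024-03-02T10:00:20 bastion sshd[1404]: Failed password for root from 203.0.113.9 port 60003 ssh2
2024-03-02T10:00:30 bastion sshd[1406]: Failed password for root from 203.0.113.9 port 60004 ssh2
2024-03-02T10:00:40 bastion sshd[1408]: Failed password for root from 203.0.113.9 port 60005 ssh2
2024-03-02T11:00:00 bastion sshd[1500]: Accepted password for bob from 192.0.2.77 port 4001 ssh2
""".strip().splitlines()


def correlate(lines, threshold=5, window=timedelta(seconds=120), known_bad=KNOWN_BAD):
    """Return (alerts, blocklist). Alerts are (rule, source_ip, user)."""
    failures = defaultdict(deque)   # source -> timestamps of recent failures
    flagged = set()                 # sources that crossed the failure threshold
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts, src, user = datetime.fromisoformat(m["ts"]), m["src"], m["user"]
        recent = failures[src]
        while recent and ts - recent[0] > window:   # slide the window forward
            recent.popleft()
        if m["outcome"] == "Failed":
            recent.append(ts)
            if len(recent) >= threshold:
                flagged.add(src)
        else:
            if src in known_bad:
                alerts.append(("known_bad_host", src, user))
            if len(recent) >= threshold:
                # success right after a burst of failures: the spray or brute force worked
                alerts.append(("brute_force_success", src, user))
                flagged.discard(src)
                recent.clear()
    for src in sorted(flagged):
        alerts.append(("brute_force_attempt", src, None))
    blocklist = sorted({src for _, src, _ in alerts})
    return alerts, blocklist


if __name__ == "__main__":
    found, block = correlate(LOG)
    for rule, src, user in found:
        print(f"{rule:20} {src:15} {user or '-'}")
    print("block:", ", ".join(block))
```

The password spray from 198.51.100.23 that finally lands on `frank` is the alert worth waking someone for; the persistent `root` guessing from 203.0.113.9 and the login from the listed address are blocked too, while the internal user who mistyped a password once is left alone. The sliding window is what keeps a slow trickle of ordinary typos over a day from ever accumulating into a false alert.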
5. Develop Talent Base
Cybersecurity faces a serious talent crunch. Even the best of intentions may falter for lack of a skilled workforce to implement them. List the competencies and skills required to support digital business and security initiatives, then identify the gap between the existing and desired state.
Enterprises could fill the gap in many ways, such as:
- developing internal talent through training interventions
- recruiting new personnel with the required skills
- outsourcing digital security functions to managed security service providers (MSSPs)
For large enterprises, having a full-time CISO or CSO on board helps. Finally, never lose sight of the complete picture. Many enterprises accumulate stand-alone security deployments, thinking more deployments make them safer; but only a comprehensive and integrated approach keeps attackers at bay. Enterprises participating in CIO’s 2019 State of the CIO survey reported that IT security is a key component of their IT roadmaps and projects. Almost two out of three had already integrated their IT security strategy with their IT strategy, and 83% of those who had not yet done so planned to within the next three years.