Cybercriminals keep developing new attacks and increasing their intensity. Their attacks are more targeted than before, and they have widened their net to include smaller businesses. In 2022, 69% of organisations that suffered cyber attacks were victims of targeted attacks. 39% of UK small businesses reported suffering a cyber attack. Most attacks target sensitive data, including personally identifiable information and trade secrets. A large share are ransomware attacks that threaten to make sensitive data public unless the enterprise pays the ransom. CIOs need to be vigilant and up to date on the latest threats. Here are effective approaches CIOs can take to safeguard enterprise data.
1. Invest in the latest technology
Over the last decade, businesses have spent millions to secure their network perimeter. They deployed firewalls, intrusion prevention systems, data loss prevention technologies, gateway filtering technology, and monitoring services to keep hackers and malicious code exploits at bay.
These systems remain relevant, but they work only when upgraded to the latest versions. Given the changed realities, though, these deployments are by no means sufficient.
CIOs can no longer sit back and relax after installing these standard protection suites. They have to:
- Employ advanced endpoint protection solutions, including anti-malware software, host-based firewalls, and endpoint detection and response (EDR) tools. These deployments detect and prevent malicious activities on endpoints.
- Implement robust security information and event management (SIEM) solutions, along with intrusion detection systems (IDS), to detect and respond to security incidents in real time.
- Automate time-consuming and resource-intensive tasks such as rule clean-up, network segmentation, policy optimisation, compliance audits, and policy validation. Automating these tasks makes it easier to address regulatory requirements and reduces the risk of penalties.
The latest security suites based on artificial intelligence and machine learning offer powerful threat detection and response capabilities. Today’s cybercriminals have become sophisticated and launch potent, targeted attacks powered by artificial intelligence. AI-based security technologies fight fire with fire. Adopting predictive analytics can help anticipate attacks and respond more swiftly.
Effective CIOs evaluate the specific security needs of the enterprise and select needed technologies. They implement a layered security approach that uses a combination of preventive, detective, and corrective controls. Preventive controls, such as firewalls and intrusion detection systems, block unauthorised access. Detective controls, such as log monitoring and auditing, identify suspicious activity. Corrective controls, such as incident response plans, minimise the damage caused by a breach.
2. Regulate the data
The spread-out nature of today’s networks makes it impossible for enterprises to secure their turf. Vast amounts of sensitive data reside outside the enterprise walls. CIOs could instead focus on the data itself.
Ensure only authorised eyes can access sensitive data from the moment it is generated until it exits the enterprise. Sensitive data includes customer records, employee data, financial statements and other trade secrets.
Encryption, the time-tested method, is still the best option to protect data in motion and at rest.
Use robust encrypted communication protocols. Repository- or container-based encryption approaches do not work. These approaches require the sender and receiver to apply the encryption and maintain the protection. Full disk encryption is also inadequate, as it depends on the strength of the access control. It does not factor in when an authorised user becomes unauthorised due to termination.
3. Set robust policies
Encryption is a good first step, but it does not secure the data when used within applications. The way to safeguard data in use is by controlling privileges or rights.
Smart CIOs enforce policies to complement robust technology and data protection efforts. They:
- Implement strong identity and access management (IAM) policies.
- Include multi-factor authentication and role-based access controls.
- Apply the principle of least privilege and review access rights from time to time.
- Consider the zero trust approach, where the system authenticates users for every transaction.
- Make data traceable. Monitoring who edited, copied or pasted data, and when and how, fixes accountability. Audit trails highlight compliance violations.
- Update and patch systems. Regular patch updates address known vulnerabilities and protect against the latest threats.
A security policy outlines the enterprise security blueprint, including dos and don’ts. It covers topics such as password management, data encryption, and acceptable use of technology.
4. Be prepared for breaches
Threat actors go about their tasks relentlessly. It is only a matter of time before the enterprise succumbs to an attack, the best security deployments notwithstanding.
CIOs could adopt the following strategies to protect the data even if a breach occurs:
- Segment the network. Divide the network into multiple segments or zones. Such an approach isolates critical assets in the event of a breach.
- Engage in continuous monitoring. Deploy network monitoring tools and scan the network. This helps identify and respond to potential security incidents in real time, reducing the impact of any breaches. Review security logs to identify any threats that real-time monitoring tools may have overlooked.
- Conduct periodic risk and vulnerability assessments, including penetration testing. These tests identify weaknesses in enterprise systems, applications, and critical data. Remediate the vulnerabilities before attackers exploit them.
- Develop and maintain an effective incident response plan to handle incidents. A good plan covers detection, analysis, and recovery.
- Have a disaster recovery plan. Include regular data backups and alternative communication channels in the plan.
5. Develop a strong security culture
If investing in technology were adequate, the world would be free of cyber threats. Effective security depends on a security-conscious culture across the board.
- Offer employees the tools and the training needed to work with a security-conscious approach. Provide them with training on how to identify threats and how to work safely.
- Empower employees by giving them ownership. Ownership makes them responsible and more vigilant against threats.
- Have a mechanism in place where employees can report suspicious activity.
- Educate employees about security risks through training, awareness campaigns, and security newsletters.
6. Adopt a collaborative approach
Cybersecurity is now a top-level strategic concern and no longer just an IT issue. But the onus is on the CIO to engage the board and the C-suite in cybersecurity discussions and ensure adequate funding.
- Have a proactive vendor management policy. Many breaches happen through third-party vendors. Thorough vetting of all vendors reduces the risk.
- Partner with security vendors who bring expertise and resources to the table. Security vendors have cyber security as their core focus and remain updated on the latest technologies.
- Engage with external stakeholders, including industry groups and government agencies, to stay updated. Collaboration provides insights and resources to enhance the organisation’s cybersecurity posture.
Smart CIOs use powerful tools such as Tufin. Tufin gives enterprises complete visibility into network configurations and segments. The tool unifies security policies and enforces consistent policies across diverse environments. Automated policy enforcement improves compliance and reduces misconfiguration risks. End-to-end visibility pinpoints incidents and triggers remediation actions in real time.