EDITOR’S NOTE: IT Executive Corner is a new feature from the Tech Journal. It is meant to give Insight executives and subject-matter experts the chance to voice opinions and offer insider tips on important IT issues.
After spending more than 20 years in IT security, including many years working with threat intelligence, I’ve seen security practices at enterprises and SMBs evolve a great deal. Unfortunately, the innovation and resolve of cybercriminals have evolved just as fast, or perhaps even faster.
Many in IT security realize now that those on the “dark side” of cyber security are neither penniless nor unprofessional. They have skills and understand business. According to a study by McAfee in 2017, cybercrime cost the global economy as much as $600 billion, much of which is reinvested into new technologies, products and initiatives.
One thing I’ve seen malicious hackers and other cybercriminals continue to do well is stay with what is working. Repetition and automation are key aspects of their business strategy, just as they are fundamentals of our own.
That is why I am not surprised after reading Verizon’s 2018 Data Breach Investigations Report.
Consistent with what I have seen over the past decade, two themes emerge in this report:
So, without getting too much on a soapbox, let me stress a couple of things:
This is basic blocking and tackling.
We must get back to doing basic security tasks in an era when digital transformation and cloud migration strategies are placing ever greater demands on IT resources, and when IT staffs and budgets are shrinking. While things like patching and email security may not be sexy, they are absolutely essential.
My advice is threefold:
1. Put your IT security money behind the most critical things. The “peanut butter” method of spreading your budget across the bread doesn’t seem to be working. Organizations can’t keep everything as secure as they would like. Identify your most mission-critical data and the most likely attack paths and fund those security countermeasures.
2. Use multi-factor authentication (MFA) across all systems. MFA is slowly being adopted, but is still largely used only for remote and offsite employees and contractors. Very few organizations use it for in-house corporate networks. Start using it more widely in-house to give teeth to your password-protected systems. Given the sophisticated tools malicious hackers have today, passwords alone just don’t protect much of anything. More than 80 percent of hacking-related breaches are caused by stolen or weak passwords, according to the Verizon report. MFA can significantly reduce the risk related to these types of events.
3. Prioritize system patching. I’m simply repeating this for emphasis. Patching systems may not be sexy or exciting, but it does remove much of your attack surface.
Need help? A security partner such as Insight will not only extend your internal resources, but will provide current, practical advice in developing, implementing and optimizing your security posture.