Cyber threats and how we combat them

Cyber security is now essential to business strategy and client trust. You may be looking to learn more about the industry and what’s involved because:
• Digital and remote work is here to stay
• More industries are facing cyber security regulations
• Cyber crime is on the rise

Below is a breakdown of cyber threats, vulnerabilities, and methodologies.


Insider threats

Associates accidentally or purposefully leaking information to various cybercriminals or for personal financial gain

Cybercriminal threats

Ranging from amateur malware and phishing attempts to individual or group hackers, the most sophisticated using advanced persistent threats. Their purpose is to do one or more of the following:
• To steal data and/or money
• To stop a company’s business operations
• To ruin reputations
• To promote political or social change
• Or for some other financial or perhaps reputational gain 


• Natural disasters, such as destruction from fires, flooding, power surges, etc.
• Business disrupting events, such as internet and power outages
• Equipment failures

Common vulnerabilities cybercriminals use

• Social engineering and phishing scams designed to trick associates into leaking credentials or information or downloading malicious software (malware, etc.)

• The Internet of Things (IoT): unsecured devices and software that are connected to the network. Think of your business’s camera systems, DVRs, badge access system, timeclocks, smart thermostats, smart TVs, and literally anything else that connects to the internet, syncs with a smartphone application, etc.

• Open networks: anyone being able to connect to an organization’s internet, including guest Wi-Fi for example

• Flat networks: network setups that make it easier for hackers to access all/many users or all/much of the organization’s protected data

• Using public-facing applications: your line of business application (LOB), project management software, customer relationship software (CRM), etc., any of which could be unsecure

• Outdated hardware and software to exploit

• Mail applications or remote access tools (VPN, etc.) that are unsecured, unmonitored, or compromised

• Untrained, careless, or malicious employees

• Individuals and IT equipment using default, weak, or shared passwords

• Overprivileged associate accounts that can download unsecure or malicious software that endangers the business

• Unnecessary employee access to all or most of a company’s data and protected information

• Unsecure, unencrypted communications and sharing of protected data

• Company equipment being utilized for personal use

• Vendors who have few-to-no processes in place for cyber security

—How we combat them—





Out-of-the-box configurations are not appropriate for business production environments (networks in use). Attackers often utilize out-of-the-box flaws to access an organization’s systems. We add layers of protection through encryption and specialized configuration based on best practices. Secure configuration includes things like firewall rules, network access controls, limiting login attempts, and having secure remote access through a virtual private network (VPN).

Refers to physically keeping different data on separate networks. That way if a cybercriminal gains access to one network, they will a) not be able to take down the entire company's operations, and b) have limited-to-no access to your business’s protected information.

We can encrypt data at rest (being stored on a server, etc.) and data in transit (when being sent or shared internally, with vendors, etc.).


• Access controls: to only grant access to protected data to select individuals that truly need it to do their jobs; this also includes requiring strong passwords, regular password updates, and multifactor authentication
• Media controls: prevents transferring company data onto a USB, off a company cellphone, or to cloud services
• Removing local admin rights: prevents accidental or purposeful download of malicious or vulnerable software
• Restricting users from executing privileged CMD or PowerShell commands

Controlling access to administrator accounts, such as by IT staff, including identifying who accesses them and when.

Ongoing cyber awareness training is key to teaching employees to protect themselves and the company from cybercriminals because cybercriminals are using more and more sophisticated social engineering and phishing tactics to trick people into compromising themselves and their organizations.

• Vendor security: third party risk management of upstream and downstream providers
• Managing outdated software
• Personnel security: everything from background checks to onboarding and termination processes, especially auditing and removal of accounts when employees leave



SIEMs allow you to identify threats early, helping you appropriately respond to them. They will:
• Monitor disk space
• Generate server compliance reports
• Integrate with malware and spyware protection software
• Identify insider threats using user account monitoring to get insight into:
—Failed login attempts
—What files people have access to and when they accessed them
—What time individuals connect to the VPN
—What software associates have on their PCs and if versions are vulnerable
—Potential malicious behavior (e.g., visiting malicious sites, installing malware, or other attacks)
—Separation of duties to avoid misuse of privileged accounts 

Monitoring logins, program health status, changes, etc.



Writing and testing procedures, including:
• Incident response plans
• Data breach response plans
• Recovery plans

Using offsite backups and performing test recoveries.


© Copyright 2021 Curator Cyber Security - all rights reserved