A pregnancy to containment

What a year 2020 has been so far. If someone had told us this time last year what would be happening in the world today, I for one certainly wouldn’t have believed them. The pandemic threw us all back in March this year. Suddenly, companies had to mobilise their workforce to work remotely. For many this was completely out of their comfort zone and was not part of the strategic vision of the business. Many companies simply did not have the IT equipment or the infrastructure to enable this to happen smoothly, let alone securely. I have personally heard horror stories about people using laptops that are 10+ years old with no security software on them at all, yet still having access to the crown jewels of a business, its data and IP, in the same way as if they were in the safety of the secure office environment.

A big concern for me is the latest data that IBM has released about breach containment; this now sits at a staggering 280 days from compromise to containment. In reality this means that if a business was compromised back in March when they enabled people to work from home, they won’t know about it until December. That is 9 months where their data has been sitting for sale on the dark web to the hacker community without their knowledge. Fast forward to now: many businesses still have a large proportion of their workforce working from home, and this doesn’t seem likely to change in the near future. So what can they do to help improve the security of their business and reduce the risk exposure before it is too late?

One of the most successful ways cyber criminals gain access to a business is through phishing attacks. To do this successfully, the hacker needs to convince the individual that they are legitimate and trustworthy, so that the person clicks on a link or fills in a form that will compromise their details or download malware onto their system. The pandemic has given us all a level of uncertainty about our future and, for many, a real concern about finances. The problem with this is that staff members who are financially vulnerable will be more susceptible to clicking on a phishing email that entices them with the opportunity to win money. The way that hackers persuade so many people to do this is by convincing them that they are who they say they are. Social engineering is all about gathering the details needed to entice as many people as possible to do what the hacker wants, which is why it is involved in 99% of cyber-attacks. So, what can a business do to stop this? We have come up with some elements that we think every business, no matter its size, should be implementing:

1. Deploy security tools

These do not have to be massively expensive, but they need to be in place to protect your business. As a bare minimum, they should include:

  • Endpoint Protection (laptop, mobile etc.)
  • Secure Connection to access sensitive data (VPN)
  • Ensure passwords are changed regularly and are complex 
    • Look at deploying a password vault to force this
  • Email Security
  • Multi-factor authentication 

2. Test your staff

Conduct simulated phishing tests to identify members of staff who could be more susceptible to these techniques. Don’t just do this as a one-off activity; do it on a regular basis and in a variety of ways to ensure that your staff are your strongest line of defence against hackers. Organise regular vulnerability scans to identify potential gaps in your systems before they are exposed.

3. Train your staff

Provide them with regular training to give them the knowledge to identify things that just don’t look right. Encourage your staff to report it to you, even if they have clicked, so that you have time to do something about it. We advise that you provide more tailored training to business units that are likely to be targeted, such as the finance team, and provide them with more bespoke, intense testing and training.

4. Conduct Executive Impersonation Investigations

As I mentioned earlier, social engineering is involved in 99% of cyber-attacks, so we advise identifying the risk exposure at an executive level. Clarifyi offers a service where we conduct a detailed forensic investigation on both the open and dark web to demonstrate what information we are able to access about the executive team, so they can improve their security settings and look to embed security protection within the business. If you want to find out more about this service, please get in touch.

5. Investigate the Dark Web

How many times have you heard the phrase ‘we didn’t know we had had a breach’? To borrow the title of this blog, the average time for a breach to be contained is a pregnancy. That is over 9 months on average where data will be available on the dark web before a breach is discovered. Clarifyi believe that you can dramatically reduce your risk exposure if you ascertain early that your data is exposed, thereby limiting the time the criminals have to use the compromised data to defraud you. In the IBM report they highlight that if you reduce the breach containment timeline down to 200 days you can save over 2/3rds of the average breach cost. Clarifyi offers a service where we shorten the timeframe to detection of compromised data on the dark web, enabling businesses to swiftly identify security gaps and mitigate the damage caused by the misuse of exposed data as early as possible. In my opinion it is imperative to identify breaches as early as possible to minimise the costs to a business in the long run. If you would like to hear more about this service, then please get in touch or visit our services pages.

In conclusion, it really shouldn’t be all doom and gloom. There are quick steps that we can all take, whether we are business owners or members of staff, to protect ourselves and the businesses we work for. The pandemic has given us huge challenges, but don’t let security be one. Follow our tips and get in touch if you need our support with implementing any of the elements we have mentioned. We are forensic experts, so let us help you so that you can focus on steering your business through these challenging times.