Why all the fuss over Cybersecurity?

Threats are real

Let's face it, there are people who target your network and users with bad intentions. The threat landscape is real and ever-changing. According to the major findings section of Cisco's 2017 Midyear Cybersecurity Report:

  • Business email compromise (BEC) has become a highly lucrative threat vector for attackers. According to the Internet Crime Complaint Center (IC3), US$5.3 billion was stolen due to BEC fraud between October 2013 and December 2016. In comparison, ransomware exploits took in US$1 billion in 2016.
  • Spyware that masquerades as potentially unwanted applications (PUAs) is a form of malware—and a risk that many organizations underestimate or dismiss completely. However, spyware can steal user and company information, weaken the security posture of devices, and increase malware infections. Spyware infections are also rampant. Cisco threat researchers studied three select spyware families and found that they were present in 20 percent of the 300 companies in the sample.
  • The dramatic increase in cyber-attack frequency, complexity, and size over the past year suggests that the economics of hacking have turned a corner, according to Radware, a Cisco partner. Radware notes that the modern hacking community is benefiting from quick and easy access to a range of useful and low-cost resources.
  • When it comes to enterprise security, cloud is the ignored dimension: Open authorization (OAuth) risk and poor management of single privileged user accounts create security gaps that adversaries can easily exploit. Malicious hackers have already moved to the cloud and are working relentlessly to breach corporate cloud environments, according to Cisco threat researchers.
  • In late 2016, Cisco threat researchers discovered and reported three remote code-execution vulnerabilities in Memcached servers. A scan of the Internet a few months later revealed that 79 percent of the nearly 110,000 exposed Memcached servers previously identified were still vulnerable to the three vulnerabilities because they had not been patched. 

What you should know 

Setting aside the nasty hackers, your users pose the biggest threat to your network and systems. A comprehensive cybersecurity practice will significantly decrease your chances of a malicious attack, virus or user error.

Common mistakes:

  • No patch/update plan
  • No USB lock/control
  • Inadequate firewall protection
  • Inadequate anti-virus protection
  • Poor password management
  • Disabled System Locks
  • Excess Access
  • Insufficient user tracking
  • Lack of identity access management
  • Unsecured wireless access points
  • No change management policies

All aboard. Implementing a cybersecurity practice requires an ongoing, corporate-wide commitment with clearly defined objectives.

What you can do

Implement a cybersecurity practice

Initial steps

Flows: It is impossible to build a practice without an understanding of the flow of information to and from internal/domain users and external users.  A data flow document connecting all the dots is a helpful guide.

Assessment: With all the moving parts of IT, it can be difficult to determine what is and isn't working. Are the best practices in place? What areas require immediate attention?  Do I have deep visibility into IT assets?  A network or site assessment report is needed for the design of your layered security practice. 

Design steps

The abbreviated design steps segment the IT environment into seven (7) layers: Users, PCs, Servers, Network, Mail Systems, Mobile Devices and Cloud.

Users - Action Items

  • Password Policy
  • Identity Access Management
  • Phishing Awareness 

PCs (Desktop/Laptop) - Action Items

  • Patches/Updates
  • Anti-Virus/Malware
  • Lockdown
  • Monitoring
  • Administration 

Servers - Action Items

  • Patches/Updates
  • Anti-Virus/Malware
  • SSL
  • Monitoring
  • Administration

Network - Action Items

  • Firewall
  • WAP
  • VPN/Tunnels
  • PenTest/IPD
  • Monitoring
  • Administration

Mail System - Action Items

  • Anti-Virus
  • ATD
  • eDiscovery
  • Archiving
  • Encryption
  • Backup 

Mobile Devices - Action Items

  • Patches/Updates
  • Anti-Virus/Malware
  • Lockdown
  • Monitoring
  • Administration

Cloud - Action Items 

  • DNS
  • Monitoring
  • Administration 

The third step is implementation.

Jeffery Travis is the founder of Endeavor Services Group. He handles a variety of responsibilities at the company, including corporate strategy, organizational development and performance goals. He has worked with companies ranging from small businesses and non-profits to multi-billion-dollar corporations throughout the US, developing and delivering services that improve the use of technology while mitigating risk.

Jeffery launched his IT career working for GE Capital, then moved on to become a founder and Managing Director of GL Solutions. He holds a BS in Organizational Management from Keuka College, an AAS in Business Management from Dean College and served six years in the Massachusetts National Guard as a 76Y and 76V.

Outside of work, Jeffery is the Founder and Executive Director of Miracle Fest, Inc., which hosts an annual community fundraiser in Corning, NY. When he's not giving back, he's spending time with his family, kayaking, hiking, fishing and coaching youth sports.