Protecting Your Organization from Emerging Threats in Cyber Security

Individuals and organizations rely heavily on SaaS providers, vendors, consumer platforms, IT departments, and, well, employees, to ensure cybersecurity measures are being taken. Unfortunately, this has left us with Facebook’s 533 million users’ data leaked, Microsoft’s 250 million customer records exposed, Capital One’s 100 million accounts breached and many more examples. 

The most recent example is just recently, Colonial Pipeline’s US$5 million ransomware cheque to Eastern European hackers after a crippling cyber attack shut down the largest fuel pipeline network in the United States. Source: (Bloomberg News)

Although these are large organizations that are regularly targeted for the data, information and deep pockets they hold, we are seeing these threats on a smaller scale as well. In 2020, the FBI saw a 300% increase in cybercriminal activity, with 80% targeted at small-medium-sized businesses.  

The rapid and exponential growth of digital use and the more recent shift to remote work due to the COVID-19 pandemic have left many unsecured gaps that hackers are constantly looking to exploit for financial or other gains. The saddest part? The chances of catching and prosecuting a cybercriminal is approximately 0.05% according to the World Economic Forum's Global Risks report, meaning reactive strategy is only a small part of the equation. 

There is more responsibility than ever for individual, organizational and collaborative efforts to protect ourselves and each other from new threats including more and more sophisticated ransomware, malware, phishing and distributed denial-of-service (DDoS) attacks. 

Working with a small portfolio of high-value clients in Saskatchewan and nationally here at zu, we must continually stay up to date with emerging technologies, trends, threats and practices in order to maintain strong information security controls. We do this to ensure zu’s and our client’s information, PI and PII, in transit and at rest, is custom-fit to requirements and policies (while continuously being updated & improved upon).

This is a fitting topic of discussion both due to the latest headlines but also because a few of the zu crew recently attended IT World Canada’s MapleSEC virtual conference. This conference is aimed at business and government leaders interested in practical approaches to ensure organizational protection from growing cybersecurity threats. Below we will provide some simple yet practical takeaways for creating a risk management culture and protecting yourself from the new threats on the horizon.

Dollar for dollar, security awareness is among the best investments your firm can make

- David Shipley, Founder of Beauceron Security Inc.

5 Ways to Help Protect You from the Emerging Cyber Threatscape.

1. Password & Computer Security 

It’s no secret that passwords have substantial value to criminals. The importance of secure, complex and unique passwords is key to ensure personal and organizational information is safe. 

• Platforms, Devices and Networks should also include two-factor authentication whenever possible. The use of multi-factor mechanisms such as 2FA adds further security constraints to a user's login by verifying the user against a secondary source. 
• Passwords should include a minimum of 8 letters with upper and lower case letters, numbers and symbols, unique to other passwords across platforms. 

2. Virtual-Private-Networks (VPN)

A VPN gives you online privacy and anonymity by creating a private network from a public internet connection, including your own home network, and is highly relevant due to the number of remote workers today. VPNs mask your internet protocol (IP) address so your online actions are virtually untraceable. Most importantly, VPN services establish secure and encrypted connections to provide greater privacy than even a secured Wi-Fi hotspot. This will ensure internal resources and is doubly encrypted with both the standard encryption protocols in use for the given service as well as the encryption of the VPN connection. 

3. Active Server & Site Monitoring 

Active server and site monitoring for penetration and intrusion detection are incredibly important to ensure your website, underlying software and information are safe from unwanted outside sources. These malicious attacks can include Code Injection, SQL Injection, Path Traversal and Application Denial of Service (ADoS). We recommend a couple of tools for security, penetration and intrusion testing/detection. 

• OWASP® Zed Attack Proxy (ZAP) is the world's most widely used web app scanner. ZAP provides automated scanners as well as a set of tools that allow you to find and address security vulnerabilities. It’s designed to be used by people with a wide range of security experience and is ideal for developers and functional testers who are new to penetration testing.
• Nagios is open-source software for continuous monitoring of systems, networks and infrastructures. Nagios provides the tools necessary to monitor a number of server health and functionality indicators to ensure there are no issues developing such as DDoS attacks attempting to bring down a website by flooding it with more traffic than it can handle.

4. A Cyber Secure Organizational Culture

According to a study from Willis Towers Watson, nearly 90% of cyber-attacks are caused by human vulnerabilities—winning in cybersecurity comes from the top-down by stressing and communicating the importance of information security in your organization and each employee’s role in it. A truly cultural shift. 

It means creating an approachable environment for employees to come forward with security concerns. It means regular meetings and training prompting action towards known risks to ensure personal, coworkers, partners and vendor information is safe. And it means formalizing onboarding and offboarding manuals on top of regular testing and updating schedules. Cybersecurity both organizationally and individually should be a muscle reflex.

5. Reactive Cyber Security for WHEN an Attack Happens

Many security experts say that it’s not a matter of ‘if’ a cyberthreat will impact your organization, it’s a matter of ‘when.’ Security, and specifically, cybersecurity is best approached in layers and being reactive is an important layer that a lot of companies ignore. This means reacting to minor, common attacks like email and ad spam, all the way through to roles and procedures when an urgent and critical breach of security happens. 

Here are a few tactics for reactive cybersecurity.  

• Having information & data backups in place with regular testing to make sure you can restore from them. 
• Creation of an internal and/or vendor Hour One Team (HOT)—a team that reacts to any potential security breaches in the first hour, as after that you may lose control depending on the threat. 
• Creating ‘Playbooks’ by addressing and simulating potential security scenarios and how the company will handle them. 
• Review and retrospect past instances, both internal and external, and the response that followed to ensure you are more prepared for the next threat, which is likely to be more sophisticated as well.