Cyber Security Month – Entry 1. Getting Back to Basics in Cyber Security
Kevin B M.
Cyber Executive OG, Writer, Artist #ransomware #mentoring #empowerment #winning
One thing has become clear after working for many years in enterprise ransomware recovery: it is time to stop with the silver-bullet shiny things, blinky lights and supercalifragilisticexpialidocious technology seeking and get back to basics. Many organizations focus on cutting-edge technologies. While these can help defend against sophisticated cyber threats, they do less than getting the simple things right.
The vast majority of attacks exploit basic human error, vulnerabilities, misconfigurations and other security hygiene issues that are relatively easily addressed. While every public relations notice says, “A sophisticated threat actor using highly advanced tools and techniques blah, blah, blah, accessed our systems,” the reality is that the attacker exploited an easily addressable weakness or tricked an individual into making a mistake. By following fundamental cyber security practices, businesses can thwart most attacks, significantly reducing their risk.
One of the most overlooked yet critical elements in cyber security is ensuring that software and firmware are always up to date. Cybercriminals often exploit vulnerabilities in outdated systems. Regular patching and firmware upgrades close these security gaps, preventing attackers from leveraging known exploits. Organizations must implement systematic patch management systems or services to ensure timely updates across all devices. While we all know this should be done, there are a thousand excuses for not doing it. Let’s be real: patching is boring, time-consuming, must be done overnight and on weekends, etc., and comes with the need for planning and processing. But in truth, there is rarely a good justification for not getting this done. That is why our firm has specialized in this problem.
Password breaches remain one of the most common attack vectors. Whether passwords are weak and guessable, captured through phishing, malware or another technique, or reused and captured in another environment’s breach and then tried against other machines in a user’s life, threat actors are remarkably good at getting them. By implementing multi-factor authentication (MFA), which requires users to verify their identity using two or more factors (e.g., a password and a one-time code), businesses can add another layer of security. Even if an attacker obtains a user’s credentials, MFA makes it more difficult for the typical attack to succeed. This is by no means the holy grail, but it is an easy and vital step toward making it harder for the bad guys.
Many organizations still use flat networks, where once an attacker gains access to any device on a system, they can roam freely without technical roadblocks. Network segmentation limits this movement by dividing the network into smaller, isolated zones. This containment strategy ensures that even if a hacker gains access to one segment, they can’t easily access the entire network, reducing the impact of an intrusion and potential for a much more severe end result.
Attackers often leverage endpoints such as desktops, laptops, and mobile devices as their initial entry points into a network. Endpoint detection and response (EDR) and extended detection and response (XDR) solutions monitor and analyze endpoint activities to detect malicious behavior and either report on the detection or stop the action before real damage is done. By providing real-time monitoring and automating responses to threats, these solutions help stop attacks before they spread.
Phishing remains one of the most utilized methods of launching an initial attack. Advanced email and DNS filtering and URL/link reputation solutions can help detect suspicious emails, block malicious links or attachments, and reduce the chances of unwitting users falling victim to phishing campaigns. By filtering email traffic effectively, businesses can eliminate a significant number of initial attacks before they find success.
Good password hygiene is a must and something we can all contribute to our mutual defense. This means using complex, ALWAYS unique passwords (without patterns) and regularly updating them. Face it, this pain-in-the-rear habit is fundamental to cyber security. Organizations should encourage the use of password managers and implement policies that enforce strong, regularly updated passwords with no exceptions. This makes it harder for attackers to crack or reuse compromised credentials.
While it is true that education does not always work, and some users either cannot be trained or do not care enough to act on what they learn, others will change their behavior and learn to be much more cautious. Ongoing security awareness training is an essential part of employee development, and without it, employees are destined to be the weakest link in any security program. Regular testing, such as phishing simulations, red teaming and penetration tests, helps identify vulnerabilities and educates staff on how to recognize threats and how to act when something negative happens. A well-trained workforce can be a company’s strongest defense against cyber threats, instead of its downfall.
There are more things that can be done, but these foundational security practices can significantly reduce the likelihood of a successful cyberattack. Research shows that the majority of breaches are due to simple, avoidable mistakes, such as unpatched systems, weak passwords, or users falling for phishing emails. If organizations focus on the basics (patching systems, enabling MFA, segmenting networks, monitoring endpoints, filtering email, and educating employees), many of the attacks we see every day would fail before they even get started. While advanced cyber security solutions are valuable, the reality is that solid execution of these fundamental practices will protect organizations from the vast majority of threats.
Getting back to the basics is not only cost-effective but crucial in maintaining a strong security posture in today’s ever-evolving threat landscape. So stop letting the seeking of perfect be the enemy of doing good. Get the basics right first, then go shop for the cool new toys that make you even more secure. Remember that security is a perpetual process and not a set-it-and-forget-it proposition. As the name of our company translates, Alvaka = Ever Vigilant or Always Awake in Icelandic. I hope you will do the same.
1 month ago: Great article! Great advice. I saved it and had AI summarize it in bullet points for reference!