Cybersecurity 101: The Importance of People, Products, and Processes
Ray Spangler , Senior Vice President, Chief Technology Officer | Barge Design Solutions
Key Points:
The world has become reliant on digital infrastructure. Virtually transforming how we communicate, share data, and conduct daily business has benefitted users in productivity, costs, remote working, and engagement. Most interactions rely on manipulating data to complete tasks like scheduling appointments, paying bills, or ordering lunch. With the advent of smartphones, we are only an arm’s length away from this infrastructure.
On the flip side, the digital space has opened the door to cybersecurity attacks at rising levels, reportedly increasing by 71% year over year when using valid credentials1. Cybercriminals target computer networks and smartphones to access data streams to steal money, take over accounts, take down systems, or encrypt data to force businesses to pay ransomware.
While the rise in attacks may seem bleak, one study reveals that 84% of critical infrastructure incidents could have been mitigated by having best practices and security fundamentals in place 1. Understanding how cybercriminals access computer networks and how cyberattacks can evolve is key to developing a cybersecurity plan that uses people, products, and processes to outsmart cybercriminals.
Know How Cybercriminals Access Systems
Information system attacks began decades ago with the introduction of the telegraph. Criminals exploited infrastructure vulnerabilities to monitor communications during times of war and the industrial boom. Today’s digital infrastructure is much more complex, providing numerous entry points into data communication strings, intensifying opportunities for cyber threats.
While firewalls, access lists, and other tools are added to networks to amplify security, cybercriminals exploit the applications we use, such as a person’s gaming platform or a business's banking system. By capturing personal and professional information from cloud-based architecture, cybercriminals can use this data and analytics to apply for a loan or completely disable a corporation.
In companies where employees have login access to their network, criminals can acquire their employee credentials for initial entry into the infrastructure, moving laterally throughout the network to gain higher-level access. This can have a dangerous outcome, leading to one of today’s most destructive cyber threats – ransomware attacks. Understanding cybercriminal entry points is a business’s first defense against these unwanted acts.
Keep Track of Cybersecurity Trends
The evolution of AI and automation creates more efficiency in our professional and personal lives. These same technologies also enhance the capabilities of the cybercriminal. Well-crafted AI messaging makes phishing (email), smishing (text), and vishing (voice) attacks more realistic and compelling. Imposters who send deceiving emails can replicate branded imagery and URLs, they can also mimic the voices of reputable sources to instill fear or urgency. Staying vigilant and a step ahead of cybersecurity trends are essential to protecting your business or personal information.
As AI and automation capabilities grow, cyberattacks could become more complex with increasing threats. A recent IBM X-Force Threat Intelligence Report analysis supports this projection, revealing a correlation between past technology adoption and security exploitation1. In addition, a 2024 Verizon Data Breach Investigations Report (DBIR) shows the exploitation of vulnerabilities to initiate a security breach has almost tripled compared to previous years2. One-third of the breaches involved ransomware, and the other 68% involved the human element. Attackers are shifting to logging in rather than hacking in, gaining access to user credentials for the path of least resistance.
Empower People as Cybersecurity Defenders
You and your employees are a human firewall, the frontline defense against social engineering tactics. These attacks can be relentless, accounting for 98% of cyberattacks, with 70% of data breaches starting with phishing or social engineering attacks. 3 As a business leader, it is critical to provide training to help people better identify and understand the tactics, techniques, and procedures (TTPs) used by cybercriminals.
Cybercriminal TTPs include being mindful during Internet searches to bypass fake ads or links that lead to bogus sites that yield slightly different Uniform Resource Locators (URLs). Email phishing is another common technique, where criminals send emails from what appear to be reputable sources to urge recipients to enter credentials on a fake sign-in page. Adversaries also use spear phishing, tailoring emails to specific individuals or organizations. Smishing attempts send fake texts from high authorities – such as C-suite executives – to lure people into providing personal information.
Educating employees on how to recognize these everyday tactics is crucial. Simple things can test the validity of messages to protect your business, like checking for inaccurate email addresses, invalid URLs within the embedded links, a false sense of urgency, and whether messages were expected or part of standard processes.
You and your employees are a human firewall, the frontline defense against social engineering tactics.
Choose the Right Products for Cybersecurity
As a chief technology officer, I’ve seen social engineering tactics used in real-time. These are the moments when having the right products can make a difference in your company’s security.
Just like the human firewall, these tools provide an added layer of defense. Firewalls, network access controls, or filtering mechanisms block connectivity from unwanted or unknown entities. They can alert you of abnormal activity or automatically act on a predefined event. Standard antivirus or anti-malware software helps mitigate those primary threats.
Today, we have access to more advanced email filtering tools, which protect against spam, malware, and phishing. The latest tools have incorporated AI and generative AI to determine and test malicious inquiries or links. Knowing which ones to use for your cybersecurity plan is a key step in protecting your business, which leads to the most essential part of a cybersecurity plan.
领英推荐
Develop a Well-Defined Cybersecurity Process
You can have all the best people and products to secure your company network. Still, without a well-defined process to connect the two, vulnerabilities can linger for a potential disaster.
The 2023 MGM cyberattack is a prime example of a security plan falling short. The breach was triggered by a single phone call to the help desk for a password reset and cost the company approximately $110 million?. That doesn’t even consider the costs associated with employee efforts or damage to the MGM brand.
Another breach in 2024 for a large hospital system was also attributed to a simple act – an honest mistake. According to the hospital, an employee accidentally downloaded a malicious file that was thought to be legitimate. This could have been avoided with proper employee training, robust alerting tools, and efficient response processes in place.
Well-documented security policies and processes provide consistency and standardization, creating a foundation for a strong cybersecurity culture. Scheduling regular security training with timely examples bolsters the human firewall that is key in today’s culture.
When creating a business cybersecurity plan process, consider adding these four elements developed from years of industry experience.
You can have all the best people and products to secure your company network. Still, without a well-defined process to connect the two, vulnerabilities can linger for a potential disaster.
1.?System monitoring, alerting, testing, and validation?System monitoring and alerting, testing, and validation against the latest threats are part of the cybersecurity process to identify security gaps. The results can seem overwhelming. Focusing on the high-priority items first and working through the gap analysis helps manage the process.
2. User engagement In its cybersecurity chain of IT systems, software, networks, and people, the weakest link is the latter – its people. One report shows up to 74% of data breaches involve the human element, revealing gaps in an organization’s security awareness training and culture?. This is why including user engagement in your cybersecurity process is so important. Raising this awareness among employees strengthens the human firewall aspect of your security chain. This can be a daunting task for some companies in terms of the cost of security awareness training. However, when the average cost of a data breach today is approximately $4.45 million?, what is the potential cost of doing nothing?
3. Data Strategy Today, all companies are data companies, whether they realize it or not. A successful security process must include a solid data backup strategy – and it’s not just about planning and deploying backup processes. Monitoring, alerting, and resolving are all part of the data system process, including consistent, well-documented testing and validation as a primary focus of the incident response.
4. Growth Potential Many businesses share a common goal for growth, whether for employees, clients, or the bottom line. So, it makes sense to have a cybersecurity process that grows with them. Businesses need a cybersecurity process to expand and adapt to an ever-changing cybersecurity landscape.
Cybersecurity In the Future
No cybersecurity plan is 100% effective. Examples of successful data breaches are everywhere, from water utility companies and financial institutions to local governments and hospitals. There are known threats after financial gain and the very infrastructure we rely on for our daily lives. This battle will only strengthen as automation and AI increase within this environment. It is up to us as business leaders to direct the fight with engaged people, proven products, and efficient processes to help protect the businesses and personal sectors we have been entrusted to secure.
About the Author
Ray Spangler is senior vice president and chief technology officer at Barge Design Solutions . He has over 30 years of experience in strategic planning and infrastructure development, beginning his career as a data entry and application specialist. After serving six years in the United States Air Force, where he spent much of that time in a combat communications group, he was deployed to Saudi Arabia during Operations Desert Shield and Desert Storm and to Mogadishu, Somalia, during Operation Restore Hope. His roles in specific information technology have included performing as a Network Operations Center (NOC) technician, an implementation technician deploying network infrastructure, a network engineer architecting and directing system and network integration, and leading multidisciplinary teams in the physical and virtual network space.
References
? https://www.infosecinstitute.com/resources/security-awareness/human-error-responsible-data-breaches/
The synergy between people, products, and processes is crucial for effective cybersecurity. It’s clear that a well-rounded approach, including continuous training and the latest tools, is key to staying ahead of evolving threats.