TechTalk

Our knowledge to you.

How to Prevent and Prepare for Internal & External Security Threats

Cybercrime is on the rise globally. In fact, Cybersecurity Ventures predicts that by 2025, cybercrime will cost the world $10.5 trillion annually. The threats are varied, sophisticated, and constantly evolving. As a result, cybersecurity services are in high demand, with annual revenue anticipated to grow by nearly 10% each year in the next four years.

Companies large and small must commit to robust cybersecurity measures to ensure the safety of their businesses and, for many, their valued clients’ personal information. Your fiber network provider can provide significant resources to bolster your cybersecurity.

Let’s look at some of the most prevalent threats businesses face, broken into internal and external categories, as well as solid solutions to these threats.

Internal Threats

Internal threats frequently (but not always) happen by accident. They can arise for various reasons, including a poor company security culture, a lack of knowledge about security procedures, or a simple mistake.

Earlier this year, we wrote a TechTalk that included a self-checkup security list, which is particularly helpful with hybrid employees – check it out and see if there is anything you are missing!

Now let’s review the top internal threats.

Lack of Security Awareness – This threat is almost always at its worst when a company does not have standard security practices, training, or employee resources. A lack of security awareness can lead to employee accidents, like clicking on a malicious email, using a USB stick from home, or sharing sensitive data with other employees who do not require or should not have access. A study by the Ponemon Institute concluded that 62% of employees reported that they had access to company data that they probably didn’t need to have.

The best way to combat this threat is to develop a strong culture of security awareness within your company. This should include regular training about cybersecurity and frequent updates about new threats and concerns. For example, when a new phishing scheme is going around, a simple email to your entire team explaining the threat and reinforcing basic cybersecurity practices can be very effective.

Developing a “principle of least privilege” plan would be beneficial for companies storing sensitive or significant amounts of data. This ensures that employees have only the access privileges necessary to perform their job functions. Along with having the policy, it’s good to regularly review access levels to ensure there is no “creeping” of access beyond what each job requires.
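One way to run the periodic access review described above, shown as an added example that is not part of the original article: compare every granted entitlement with a baseline for the employee's role and flag anything outside it. It goes one step beyond the text by also flagging in-baseline access that has gone unused. The role names, entitlement strings, 90-day threshold, and sample records are all constructed assumptions.

```python
from datetime import date

# Assumed baseline: the entitlements each role needs for its job function.
ROLE_BASELINE = {
    "accounting": {"erp:read", "erp:post-journal", "fileshare:finance"},
    "helpdesk": {"ticketing:write", "directory:reset-password"},
}
STALE_AFTER_DAYS = 90  # assumed review threshold, not from the article

# Constructed sample grants: (user, role, entitlement, last_used or None).
# "bkim" moved from accounting to helpdesk and kept an old entitlement.
GRANTS = [
    ("alee", "accounting", "erp:read", date(2024, 5, 28)),
    ("alee", "accounting", "fileshare:finance", date(2024, 1, 10)),
    ("bkim", "helpdesk", "ticketing:write", date(2024, 5, 30)),
    ("bkim", "helpdesk", "erp:post-journal", date(2023, 11, 2)),
    ("cdiaz", "contractor", "vpn:connect", None),
]


def review_access(grants, today, baseline=ROLE_BASELINE, stale_days=STALE_AFTER_DAYS):
    """Return sorted (user, entitlement, reason) findings for the reviewer.

    A grant is flagged when the role baseline does not include it (access
    creep, or a role with no baseline at all), or when it is in the
    baseline but has never been used or not been used for stale_days.
    """
    findings = []
    for user, role, entitlement, last_used in grants:
        if entitlement not in baseline.get(role, set()):
            findings.append((user, entitlement, "outside role baseline"))
        elif last_used is None or (today - last_used).days > stale_days:
            findings.append((user, entitlement, "unused; confirm still needed"))
    return sorted(findings)


if __name__ == "__main__":
    for user, entitlement, reason in review_access(GRANTS, date(2024, 6, 1)):
        print(f"{user}: {entitlement} ({reason})")
```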

Malicious Employees – We all hope that working in conjunction with our HR professionals ensures that we hire quality, trustworthy candidates. However, studies have shown that as many as 25% of data breaches are caused by company insiders. So, what can we do to prepare for and prevent cybersecurity threats from within our walls?

Some of the solutions for this threat go hand-in-hand with other threats, including a strong security culture. When employees are well-informed about standard security practices and expectations, they can be empowered allies for helping to identify internal threats.

Ensuring your employees’ health and well-being can be essential in safeguarding against threats from disgruntled employees. Providing employees with adequate support, time off, and access to mental health resources is undeniably crucial for various reasons – everything from turnover and productivity to even cybersecurity. Happy, respected employees are less likely to do something to harm their employer.

Many insider attacks happen when an employee is terminated or otherwise departs their position. Implement a solid offboarding process that ensures access to your company’s network is revoked as soon as termination occurs. Additionally, monitoring former employees as they are packing belongings and giving a strict time limit to exit company premises are good practices.
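A check that the offboarding process above is actually working, shown as an added example that is not part of the original article: it cross-references an HR termination list with account-disable times and authentication logs. The export formats, log line layout, user names, and the 15-minute tolerance are constructed assumptions.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%dT%H:%M:%S"

# Constructed HR export: user -> termination time.
TERMINATIONS = {
    "jdoe": "2024-03-01T17:00:00",
    "mroe": "2024-03-04T12:00:00",
    "tnguyen": "2024-03-05T09:00:00",
}
# Constructed directory export: user -> time the account was disabled (None = not disabled).
DISABLED_AT = {"jdoe": "2024-03-03T09:15:00", "mroe": "2024-03-04T12:02:00", "tnguyen": None}
# Constructed authentication log lines: "<timestamp> <user> <result> <source>".
AUTH_LOG = """\
2024-03-01T09:02:11 jdoe SUCCESS vpn
2024-03-02T23:41:07 jdoe SUCCESS vpn
2024-03-04T08:30:00 mroe SUCCESS sso
2024-03-05T10:00:00 mroe FAILURE sso
2024-03-05T10:05:00 asmith SUCCESS sso
"""


def audit_offboarding(terminations, disabled_at, auth_log, max_delay=timedelta(minutes=15)):
    """Return sorted (user, finding) tuples describing offboarding gaps."""
    term = {user: datetime.strptime(ts, FMT) for user, ts in terminations.items()}
    findings = []
    for user, ended in term.items():
        raw = disabled_at.get(user)
        if raw is None:
            findings.append((user, "no record that the account was disabled"))
        elif datetime.strptime(raw, FMT) - ended > max_delay:
            findings.append((user, "account disabled late"))
    for line in auth_log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts, user, result, source = parts
        # Any attempt after termination matters, including failed ones.
        if user in term and datetime.strptime(ts, FMT) > term[user]:
            findings.append((user, f"{result.lower()} {source} login after termination at {ts}"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_offboarding(TERMINATIONS, DISABLED_AT, AUTH_LOG):
        print(f"{user}: {finding}")
```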

Weak Passwords – Weak and easily guessed passwords are surprisingly common and a considerable factor in internal cybersecurity breaches.

Comparitech compiled and shared some shocking statistics about passwords earlier this year. Among the most startling facts:

  • 59% of people have used a birthdate or name in their password
  • 43% of people have shared their password with someone else
  • Only 34% of people change their passwords regularly
  • Only 45% of Americans indicated they would change their password after a data breach
  • 42% of organizations rely on sticky notes to manage passwords
  • IT professionals reuse passwords more than colleagues in other fields

And these stats go on and on. Fortunately, this is a threat that can be managed. Employing two-factor authentication (2FA) or, even better, multi-factor authentication (MFA) makes an account 99.9% less likely to be breached.

Require longer passwords. A 12-character password takes 62 trillion times longer to crack than a six-character password.

Invest in a quality password manager system. Sound systems provide extra levels of security (encryption and MFA), password generation, and easy-to-use dashboards to administer the system. Many systems even provide business or industry-specific features.

External Threats

There is no doubt that external threats are the ones that keep IT professionals up at night, and with good cause. They are costly, unpredictable, and sophisticated. When you think you’ve safeguarded against everything out there, another vulnerability is exposed. Because of this, most cybersecurity professionals operate in the realm of “when,” not “if.” In other words, it’s not a matter of if you will be attacked – it’s a matter of when.

Let’s review external threats and consider ways to prepare and prevent them.

Malware/Phishing/Ransomware – According to Cisco’s 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing. Phishing is an attempt by cybercriminals posing as legitimate institutions, usually via email, to obtain sensitive information from targeted individuals. The great majority of phishing attacks are successful because of human interaction. In other words, an employee clicks on a link or downloads a file from an email that turns out to be malicious and results in ransomware being deposited in the system.

The best defense against phishing schemes is an educated workforce. Security awareness is vital, especially when statistics show that, on average, US employees receive 14 phishing emails a year – more than once a month.

More than 90% of malware and ransomware attacks come from phishing. In 2021, the average ransom paid by mid-sized organizations was $170,404, while the average cost of resolving a ransomware attack was $1.85 million. This cost includes downtime, people time, device cost, network cost, lost opportunity, ransom paid, etc. As per the US Treasury Department, the average amount of reported ransomware transactions per month in 2021 was $102.3 million.

Additionally, defending against phishing and malware requires an excellent anti-virus and cybersecurity software suite that is comprehensive, constantly monitoring, and regularly updated. We’ll talk below about more comprehensive overall solutions.

DDoS – A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the regular traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks are now more frequent and more complex, and they can significantly impact your business. If your organization seems to be doing just fine and there is no sign of a DDoS attack, think again: the latest attacks are more difficult to detect than ever before.

This is one area where a strong network provider can be beneficial. For example, at DQE, we offer DDoS Mitigation, where we quickly detect, respond, and mitigate the attack. Mitigation services provide an additional layer of security for business continuity.

Data Breach – These result from cyberattacks that allow criminals to access private, sensitive, or confidential personal and financial data of customers. Data breaches can occur through phishing or through an exploit of a vulnerability, like a software bug or an SQL injection (SQLi), a type of attack that exploits weaknesses in the SQL database management software. Additional methods of data breaches include spyware (a form of malware) or website vulnerabilities that make private parts of a public website available when they are not supposed to be.

Previously discussed solutions like the Principle of Least Privilege and anti-virus/cybersecurity programs are excellent defenses against data breaches.

Solid Solutions for All Threats

The previous six threats are all significant concerns for every business. Fortunately, utilizing and implementing the following solutions can be helpful in preventing threats.

Backup and Recovery Solutions – Backing up your system regularly and storing the backups in various locations is vital. This is the critical step to getting your business back up and running as quickly as possible if you have fallen prey to a cyberattack. This is another area where your network provider can play an important role. For example, at DQE, we provide private and direct connectivity to top-tier Cloud Service Providers. This means your connections are private and secure and bypass the public internet.

Regular Vulnerability Assessments – Vulnerabilities are flaws or weaknesses in a system, its controls, procedures, or design and implementation. Vulnerability assessments define, identify, classify, and prioritize vulnerabilities specific to computer systems, applications, digital assets, and network infrastructures. Best practices dictate these assessments should be performed quarterly. Many cybersecurity firms offer this service and provide excellent mitigation strategies and advice for identified vulnerabilities.

Cyber Security/Anti-Virus Software & SOC – We have already discussed the need for rigorous cybersecurity software. A more robust solution may be necessary due to the size or nature of your business. A Security Operations Center (SOC) is a service that provides constant security monitoring and alerting. Think of it as a command center that uses both intelligence and human monitoring to continuously examine systems, traffic, networks, servers, and more for any signs of a security threat. Various models of SOCs meet diverse needs, from outsourced to in-house and even hybrid models.

Strong Fiber Network – Selecting a durable, reliable fiber network to service your business needs has multiple important cybersecurity considerations. First, fiber cables are significantly more tamper-proof – it’s tough to splice a fiber-optic cable. Second, when reliability is guaranteed and trusted, your employees are less likely to be tempted to look for an alternative such as using their phone as a hotspot or, worse, public Wi-Fi.

Preparing for and safeguarding our businesses from cyberattacks is a constant concern. DQE Communications welcomes the opportunity to partner with companies to provide dependable, secure fiber network services. We can help provide additional security layers that hopefully will help you sleep better at night. Contact us today to learn more!