The Evolution of Cybersecurity
Last year we saw cybercriminals seizing a massive business opportunity.
Our rapid shift to working from home due to COVID-19, plus heightened financial, political, social, and emotional stressors presented a perfect storm:
-The consumer-grade routers and electronics we use at home are inherently less secure than the centrally managed commercial-grade devices at our offices.
-Many home networks are already compromised. In April 2020, BitSight found that 45% of companies had malware originating from an employee’s home network.
-Social engineering hacks like phishing, vishing, and smishing thrive when victims are preoccupied or fearful.
Our organizations became very vulnerable very suddenly, and bad actors did not hesitate to cash in. In March alone scammers ramped up COVID-related phishing scams by 667%. Overall, the FBI’s Internet Cybercrime Complaint Center (IC3) saw a 400% increase in reported cyberattacks in 2020.
While the events of last year presented a unique scenario for all of us, the swift and aggressive response from bad actors is indicative of a trend that will, unfortunately, persist: cybercriminals have organized themselves into a successful enterprise that continues to innovate and evolve for maximum profit.
And that profit is sizable: According to a March 2020 study by Atlas VPN, cybercriminals bring in over $1.5 trillion per year in revenue—more than Facebook, Walmart, Apple, Tesla, and Microsoft combined.
Why does it matter?
Our only option when it comes to mitigating (not eliminating) the risk of a breach is to match ever-evolving threats with an ever-evolving security strategy.
Cyber defenses cannot be “set and forget” anymore; while antivirus software, firewalls, and active monitoring tools are essential components of that defense, they are no substitute for human vigilance.
Not only that, but our concept of vigilance must recognize the potential for highly sophisticated cyber breaches that span weeks or even months. Instead of snatching valuable data in discrete intrusions, cybercriminals are siphoning it off via prolonged, methodical interactions with victims. One popular scam works like this:
-The bad actor identifies who in your organization processes payments.
-They gain access to that person’s email account, generally through a standard phishing email.
-They monitor the email account over a period of time to identify high-dollar vendors.
-They craft a spoofed domain and impersonate that vendor (think firstname.lastname@example.org
-The target receives an unassuming email from the “vendor” with instructions to remit future payments to a new account (guess whose).
-The target continues paying the fraudster until you or your vendor realizes the mistake.
These targeted exploits cost US victims roughly $1.7 billion in 2019, up 33% from 2018.
Attacks like this harm your business in two ways:
-Directly: In addition to funds stolen by a hacker, you may incur ransom payments, downtime while your data is recovered, and steep labor costs for emergency IT support. In the case of ransomware attacks, average downtime is 19 days, and costs to remediate average $730,000 for those who don’t pay the ransom, and $1.45MM for those who do.
-Indirectly: Your reputation takes a hit when news of a breach gets out (every state government requires some form of disclosure). Cybersecurity audits are becoming a popular precursor to business engagements and memberships, and 38% of businesses report losing customers because of real or perceived gaps in their cybersecurity posture.
While there will never be a silver bullet when it comes to cybersecurity, it’s imperative we adapt both our defenses and our mindset to best protect ourselves in this new landscape.
More cybercriminals are entering the space, and they are more organized, disciplined, and persistent than ever. This means that our cybersecurity strategies must rise to meet this new challenge, and that what we used to view as “advanced” measures must now become our baseline.
At minimum, we recommend you implement the following:
1. Advanced Endpoint Protection on all machines accessing corporate data. Centralized anti-malware only checks for known virus definitions. Add Next Generation protection that uses Artificial Intelligence to flag all “unusual” behavior, and either kill the process or alert a Security Operations Center (SOC) to intervene.
2. Two-Factor Authentication (2FA). Strong passwords are no longer sufficient. Turn on two-factor authentication for any accounts and systems that don’t already have it. Check regularly to make sure all accounts are covered. 2FA makes it much harder for unauthorized users to gain access to your system even if they obtain your password.
3. Backup and recovery for all cloud apps. Most popular applications (like Microsoft 365) have some backup built-in, but in a limited capacity. Do you have sufficient retention policies? Would you be able to restore files encrypted or lost to malware? Protect your Microsoft 365 email, SharePoint, Teams, OneDrive, and other online apps with a supplemental cloud backup service.
4. Firewall with Intrusion Detection. An up-to-date firewall is a start, but we recommend also employing Intrusion Detection to monitor network traffic for potentially malicious behavior.
5. Security Awareness Training. In addition to annual training, continually feed your employees security tips, and continually test with phishing simulations. It is essential that security remains top-of-mind year-round.
There are several security frameworks like NIST, ISO, and CMMC that can provide structure to your security efforts even if you aren’t subject to compliance regulations. These can feel overwhelming to tackle, but the items above will get you well on your way to fulfilling the core requirements.
Beyond this, it’s critical to embrace the mindset that a network is only as secure as its users are vigilant and adaptive. The sophistication and sheer volume of today’s cyber threats demand that:
-Cybersecurity expenditures get their own line item in your annual budget.
-Your cybersecurity posture needs annual review as new threats are emerging all the time.
Most importantly, you need a resource who is qualified to assess your specific business needs and construct a solution that coordinates the technical and human components of your cyber defense.
Heinan Landa is the Founder and CEO of Optimal Networks, Inc., a globally ranked IT services firm, the creator of Law Firm Anywhere, a virtual desktop solution that helps attorneys work seamlessly and securely from anywhere, and author of The Modern Law Firm: How to Thrive in an Era of Rapid Technological Change. After earning his B.S. and M.S. in Electrical Engineering and Computer Science from Johns Hopkins University, Heinan went on to receive his MBA from The Wharton School of Business. Featured in Legal Management, Legal Times, Chief Executive, Inc. Magazine, Forbes, CIO, and with regular appearances on ABC7, CBS9, and FOX5 TV, Heinan is a trusted leader in the legal, technology, and business spaces. For more, www.optimalnetworks.com, 240-499-7900, or email@example.com.