IT and cybersecurity are an integral part of every business's security planning. The prevailing model for most businesses when securing their information is to implement and integrate new IT hardware, software and firewalls. With so many examples of data breaches occurring, it is important to reconsider the way we look at IT/cybersecurity and the approach we take to ensuring business continuity.
Some threats that are seldom considered are the insider (including outsourced staff and contractors), a lack of physical security controls to protect sensitive equipment, and relaxed information security governance. Although listed separately, they are not mutually exclusive.
A recent example of insider threat was seen when a Bupa employee inappropriately copied and removed the details of 500,000 members. This type of data breach could have been avoided through the use of personnel security vetting and tighter access controls, including limiting what can and cannot be downloaded from Bupa’s systems. The potential for this type of breach can be further mitigated by reducing access to server rooms/stacks that allow access to massive amounts of stored data. Tracking who has entry to these areas can be a great deterrent and an easily auditable way to identify personnel involved with data breaches. Simple mistakes like this can cause huge reputational and financial damage to a company.
An emerging trend in cyber-attacks is known as the fileless (in-memory) attack. These techniques allow the attacker to bypass traditional security/antivirus technologies, as they do not need to write any files to disk. Having good IT/information governance procedures in place, not opening unknown or unexpected emails/attachments, having controls for accessing only certified websites, and a daily shutdown/reboot can reduce the potential impact and harm of these types of attacks. For a more generic fileless attack, simply shutting down and rebooting your computer will mitigate it. A much more sophisticated version of this type of attack was the “WannaCry” malware that was recently used to shut down multiple companies and government systems worldwide.
When you are involved with the problem, there is a greater chance of missing pertinent information and issues. Conducting security threat and risk assessments and creating security plans can be an arduous task for employees who are already busy dealing with the day-to-day activities of a company. A security threat and risk assessment should be performed by reputable security risk consultants to ensure that all the vulnerabilities are identified and that the assessment is up to date with industry standards and technology.
For further information on the holistic approach to IT/cyber security and the services we provide to help identify and mitigate risks and integrate risk controls, please do not hesitate to contact Agilient.
The Agilient Team