Knowing the enemy:
“IF YOU KNOW THE ENEMY AND KNOW YOURSELF, YOU NEED NOT FEAR THE RESULT OF A HUNDRED BATTLES. IF YOU KNOW YOURSELF BUT NOT THE ENEMY, FOR EVERY VICTORY GAINED YOU WILL ALSO SUFFER A DEFEAT. IF YOU KNOW NEITHER THE ENEMY NOR YOURSELF, YOU WILL SUCCUMB IN EVERY BATTLE.”
SUN TZU, THE ART OF WAR
This may be a quote from the 5th century BC, but it still resonates today. It is time to get ahead of the problem and know the enemy.
Cyberwarfare has serious consequences, and organizations need to be prepared to thwart attacks.
Being properly prepared
Unfortunately, cybercrime is becoming a fact of life. It is a highly lucrative enterprise, and as criminals continue to force ransoms out of victims, the business cycle continues, meaning more companies will inevitably be attacked. Ignorance is not acceptable in 2022 and data protection should be significantly improved.
By treating cyber security as a cost center and investing in intelligence, organizations can avoid far more expensive remediation costs and the reputational damage downstream. The more time and money invested into the protection of data here and now, the smaller the risk for a company to be attacked down the line.
While cyber-attacks and threats are an ongoing fight, they can be prevented by being aware of the various types of protocols, exploits, tools, and resources used by malicious actors. In addition, knowing where and how to expect attacks ensures creating effective preventative measures to protect your systems.
Prevention is the best cybersecurity defense
While it is the optimal solution, preventing a data breach is neither simple nor easy (when sufficient safeguards are enabled). Proactive organizations address the difficult situation and are prepared for something that has not yet happened. They forecast the future risks of cyber and privacy threats. Doing so often entails pouring through mountains of data to find a needle in the haystack – a piece of malware or a threat that can compromise critical data.
Preventing a breach in your network and its systems requires protection against a variety of cyber threats. For each attack, the appropriate countermeasure must be deployed to deter it from exploiting a vulnerability or weakness. The first line of defense for any organization is to assess and implement security controls.
The risk of cyberattacks has had a looming presence in computing for longer than most people are willing to admit. What many failed to realize, however, is that despite significant efforts to secure and protect their organizations, this cyber battlefield has accelerated on several technical fronts. What has happened in the last several months should not shock anybody as many experts have been warning about this for years. Multiple factors have driven us to this point, including:
ü Poor architectures
ü Poor awareness of risks
ü Legacy IT system
ü Security gaps
ü Software supply chain vulnerabilities
ü Cheaper, more available means of cyber attack
You can prepare for and minimize your exposure to cybersecurity threats by implementing thorough, careful preventive measures. To help you get started, below are some key factors to use in evaluating your company’s current state and identifying weaknesses to correct.
What data do you handle – insensitive, regulated personally, identifiable information, and key confidential business information,? Do you need to keep all of it?
Access to information — Who has access to your information and log-in credentials to your networks. What companies’ information and networks do you have access?
Encryption — How robust is your data encryption? Encryption converts data into a code to make it unreadable. Encrypting data makes it less enticing to a cyber-criminal because the data’s value is lost if it cannot be decoded or read by the cyber-criminal. Encrypting data also may provide a safe harbor in the event of a data breach because many state laws and federal laws exclude sensitive information from the definition of a breach if the information subject to the breach was encrypted.
Do you have up-to-date privacy and data security plan and have you assessed whether it is in compliance with current laws, regulations, and contractual requirements?
Have you identified a breach response team with both internal members and external specialists? When a data breach occurs, you should have your partners designated in advance.
Do you have a business continuity and backup plan that can keep you in operation in the event of a ransomware or business disruption attack? Cybersecurity attacks that cripple a business’s systems can cause enormous costs. Regular backups of data and having alternative operating plans and systems in the event of a cybersecurity attack may help a business minimize its business losses.
Have you had any employee training for a cyber incident? Businesses should keep in mind that often their greatest vulnerability is their employees. Password and other credential sharing have been identified as the initial source of most cyberattacks involving access to company networks. Routinely training (and testing) employees on the importance of strong passwords and the risks of sharing credentials and opening phishing emails, and what to do when they suspect such an incident has occurred, can dramatically improve a company’s cybersecurity.
Cyber insurance covers the losses relating to damage to, or loss of information from, IT systems and networks. Policies generally include expert assistance and management of the incident itself, which can be essential when facing reputational damage or regulatory enforcement. Have you considered cyber insurance that protects you in the event of a data breach or other cyber incident discussed above? Have you consulted with someone knowledgeable about cybersecurity insurance?
Ideally, you scored well in all these categories. In times when whole countries are being targeted by hackers, businesses should strengthen their defense mechanisms and be constantly alert.
As Benjamin Franklin famously said: “FAIL TO PREPARE, PREPARE TO FAIL.” By better understanding their enemy, companies can create robust systems that help protect, mitigate and investigate security problems. As a result, business continuity remains unaffected.