Enterprise security: 5+5 tips to stay bulletproof
Cybercriminals can penetrate 93 percent of company networks. And once they've found a path through the network perimeter, they can do so in two days on average. That's the most important and alarming finding of a recent study from Positive Technologies, a global provider of enterprise-level security solutions for vulnerability and compliance management.
Drilling even deeper into the post-pandemic role of cybersecurity for companies, the pentesters also set out to trigger security events that clients identified as critical, ranging from the disruption of technology systems and business continuity to the theft of funds and sensitive information.
"Pentesters confirmed the feasibility of 71% of these unacceptable events. Our researchers also found that a criminal would need no more than a month to conduct an attack which would lead to the triggering of an unacceptable event. And attacks on some systems can be developed in a matter of days," says Ekaterina Kilyusheva, the company's head of research and analytics.
These conclusions alone speak to the state of enterprise security – but there's more.
According to the Allianz Risk Barometer, cyber risks top business concerns across the globe, with the threat of ransomware attacks, data breaches, or major IT outages keeping company executives up at night more than supply chain disruption, natural disasters, or the pandemic.
"Ransomware has become a big business for cyber criminals, who are refining their tactics, lowering the barriers to entry for as little as a $40 subscription and little technological knowledge," points out AGCS head of cyber Scott Sayce, adding that more attacks against technology supply chains and critical infrastructure are probably inevitable.
But how can businesses, big or small, ready themselves against these risks? Here are some pointers, plus five tips for those looking to build more robust cybersecurity practices and another five for those who are just getting started.
Enterprise IT security vs. traditional IT security: the key difference explained
First things first: what is enterprise security? It means the strategies, methods, and protocols of protecting an organization's data and IT assets against any unauthorized access that puts their confidentiality, integrity, operability, or availability at risk. Instead of only securing digital assets on the local front, it extends the traditional cybersecurity focus to safeguarding data in transit across the connected network, servers, and end-users, including on-premises and cloud-based infrastructure and third-party providers.
Not to mention the rapidly growing number of endpoints connected to enterprise networks. In the past, McKinsey analysts point out, the number of endpoints in a large corporate network would have been somewhere between 50,000 and 500,000. With the IoT connecting an arsenal of "things", from pacemakers to entire manufacturing plants, the number of cybersecurity attack vectors is now in the millions, if not tens of millions, creating a significantly more challenging security environment for companies to manage.
In the same study, 81% of respondents lamented that staying ahead of attackers is a constant battle and the cost is unsustainable, marking a significant rise from 69% in 2020. The reason? Thirty-two percent saw a number of successful cyber-attacks in 2020, with ransomware events showing a whopping 160% year-on-year increase. Cybersecurity Ventures predicts that by 2025, cybercrime damages will cost the world $10.5 trillion annually. If it were measured as a country, cybercrime would be the world's third-largest economy after the US and China.
Enterprise security program: planning for cyber-readiness
With so many moving parts, how can you make sure that all security gaps are addressed across your organization?
That's where a robust enterprise security architecture can make a world of difference. An enterprise information security architecture, EISA for short, is a rigorous, comprehensive action plan for an organization's security processes, systems, and personnel to work together in achieving its core security goals. Depending on these specific goals, there are several security architecture frameworks to choose from or combine, with the most common ones including SABSA, COBIT, and TOGAF.
SABSA is a business-driven security framework that consists of six layers, five horizontals and one vertical, offering a holistic approach to enterprise security. COBIT, developed by ISACA, mainly focuses on the process-side of security, from process inputs and outputs, objectives and performance measures, aligning IT with business while providing governance around it. Used by 80% of the Dow Jones Global Titans 50, TOGAF helps companies design and evaluate the right architecture for their business while cutting the unnecessary cost, time and risk involved.
Just getting started with cybersecurity? Here are five enterprise security best practices to follow
1. Plan for the good, the bad, and the ugly
A key element of your enterprise security strategy is to make sure you have effective controls in place appropriate to keep your data assets safe. As is having an incident response plan ready for when things go awry. The incident response plan should detail preparation in case of an incident, response during the incident, and rapid recovery from the incident, along with considerations for business continuity, data loss, and back-ups for recovery, says CRI.
2. Turn your weakest links into your strongest allies
Enterprise cyber security is only as strong as the weakest link – and that link may or may not be sitting next to you. Socially engineered cyberattacks, such as phishing, vishing, smishing, malware threats, mar, and pretexting are only a few examples of the many fraud tactics your employees can fall victim to. Organize regular training sessions for staff to make sure they're up to date on security protocols and how to use them.
3. Get serious about passwords and authentication
Credential compromise is the single biggest risk to enterprise networks at 71% of companies, primarily because weak passwords are chosen. It's best to use a password manager solution and randomly generated 16-24-character passwords, locked by an equally secure master password. Add two-factor authentication as an extra line of defense to block over 99.9% of account compromise attacks such as brute-force attacks.
4. Back up, back up, and back up some more
Ransomware is currently cyber enemy number one on the world stage, with international law enforcement operations, task forces, and industry initiatives aiming to bring this new industry down. Backups won't stop attackers from trying to steal and keep your data hostage. But having multiple backups of business-critical information assets might cushion the blow by allowing you to be back up and running as quickly as possible and limiting potential data loss.
5. Trust, but encrypt
Not all encryption methods are created equal. Use end-to-end encryption to ensure the highest level of enterprise data protection against even the most sophisticated cyber-attacks. Tresorit is a leading cloud collaboration tool which provides client side zero-knowledge encryption across all platforms, even from web browsers. This protocol ensures that no keys, passwords, files, or any sensitive material ever get transferred in an unencrypted or reversible form.
Looking to improve enterprise cybersecurity? Do these five things now
1. Consider a security audit
"It can be challenging to know where your security weak points are, especially if you have highly remote staff. You never know if certain employees are uploading their passwords to something like a Google Doc and if this account is secure," warns Salvador Ordorica, CEO of The Spanish Group LLC. A security audit can help you identify threats, vulnerabilities, and weak links in your security structures and go from secure to virtually impenetrable. Plus, make sure you're (still) compliant with relevant security compliance frameworks.
2. Beware of inside jobs
According to the World Economic Forum's Global Cybersecurity Outlook 2022, malicious insiders are among the top three concerns for cyber security leaders. A malicious insider can be your organization's current or former employee, contractor, or business partner who deliberately or accidentally misuses authorized access to critical networks, systems, and assets. When planning your access control strategy, follow the principle of least authority: grant users the least privilege that allows them to get their job done.
3. Make yourself at home in the cloud
It's not that CISOs don't believe that a secure cloud exists. In fact, over the next three to five years, more than two-thirds of workloads will shift to the cloud, with about one-third of businesses moving more than 75% into a cloud-based system. But 32% say security is not part of the cloud discussion from the get-go, and they're playing catch-up, according to Accenture's latest report on cybersecurity resilience. Be sure to have proper cloud governance in place, educate staff on cloud security and perform regular health checks.
4. Bring enterprise security management to the boardroom
Eighty-four percent of respondents in the World Economic Forum survey said cyber resilience is considered a business priority in their organization, backed by leadership, but only 68% saw it as a key part of their overall risk management. This misalignment can easily leave businesses vulnerable to serious threats. Work actively towards keeping board members in the loop about current cybersecurity issues, using the right language and performance metrics.
5. Mind your third parties
Supply chain attacks are a growing threat to cloud-native environments.Think of your third-party providers, cloud or otherwise, as the extensions of your own infrastructure and make sure that whoever you choose to work with talks the talk and walks the walk when it comes to cyber resilience. Ask vendors to complete risk questionnaires, classify them based on the risk they pose and set up controls like encryption, endpoint detection and response or security awareness training to mitigate them, security expert Michelle Drolet advises.