A multitude of threats Bombarde your network day and night. It is constantly under pressure to stay secure and protect critical data from your business. How do we eliminate the flaws before they turn into a catastrophe?
You think your computer network is secure? Think carefully. A huge number of malicious and mutating threats are projected millions of times a day to all the hardware, network points and services that you, your it vendors and your collaborators have. Are you still so sure of yourself?
The NotPetya chaos of 2017 was triggered by a modest Ransomware attack in a rarely used Ukrainian software. This is the best example of the fact that an attack from your company can come from anywhere. Did the world maritime transport giant Maersk think that his computer was protected before the attack? Was the French material company Saint-Gobain concerned about the Ransomware? You can be certain that their attitude has changed a lot since their it services have been destroyed.
Since this dark period, the landscape of threats has changed, the attack vectors have evolved and protections also. However, every time a company is hit by an attack, it becomes clear that all companies remain exposed. Better security reduces the number of headline headlines in the press, but it’s only a matter of time before the next large-scale attack triggers, and it could hit your business.
Protecting your business today, tomorrow and next year
The boards of Directors of all companies should make security a major concern. Using experts and deploying the latest services is only part of the solution. In order for the company and its data, services, hardware and terminal points to remain secure, all companies must align fault management with the broader business strategy.
Tools such as business model canvas allow the company to visualize at a strategic level all of its business model and the interactions between internal, external and partner-provided it services. This makes it easier to highlight weaknesses and build a strategy in which it services develop to protect legacy, current, and future systems from all types of attacks.
When this strategy is in place, it professionals can use the tool to gain more granular visibility of networks and endpoints. They can broaden and adopt tools to protect them, and understand how future changes will need to be adjusted in security levels to allow the company to continue to progress.
At each endpoint, identify the person who is responsible for the network, user devices, and data that is critical to your business. Ensure that they communicate with each other to understand security responsibilities for risk management, especially between offices or partner activities. Systems are not responsible for data security. It is the people who manage and exploit them who are responsible for them. And these people must be fully aware of the risks to society and its reputation, as well as the legal consequences, in case of problems.
If your interlocutors refuse to be interested, you can show them the Kaspersky threat map or a similar tool that showcases the incredible amount of active threats circulating in the world’s networks. Some quasi-incidents on your sites or networks will not fail to emphasize the seriousness of the question.
Build a secure system that remains
At the operational end, identifying the vulnerabilities and active threats is the daily task of any employee or it security team. Any company that has started taking security seriously must get a positive health check for its current network.
Rigorous controls of all systems, PCs, peripherals, printers and network adapters are required to ensure the hygiene of the company. Regardless of the scale of the company or the size of its it budget, professional-grade security tools are available to all to scan and protect. Many tools are available, some more efficient and reliable than others, but the use of one of them is a starting point in the company’s commitment to security.
Companies need to have several levels of defenses to cope with such a large number of threats. You need to invest in predictive services that can monitor traffic to identify specific activities, as well as in the usual antivirus and firewall scanners. When your network grows, you need anti-intrusion tools to monitor your networks of the Internet of things, your wireless access points and other weak points.
When you put it all in place, you can use penetration testing services to improve your it security. At the individual level, educate users about the available protection tools and how they work to improve awareness and minimize risk. Informing company employees about malware, fraudulent sites, phishing attacks and other threats will also help protect your business.
The landscape of threats in 2019 and beyond
We are now living in a world of zero-day attacks, and even if security experts read 10 hours a day they can’t keep up with the series of wireless attacks reported by the security industry. This is a real headache for it executives when it comes to indicating the seriousness of the problems to some Board members. To give the Director of information and the Board an idea of the magnitude of the attack landscape, encourage them to listen to high-level debates such as Brightcove’s forecast to better understand the problems.
They have a responsibility to ensure that the company is able to meet the challenges of loophole alignment, with it security tailored to the business. As Network World points out,
“Managing the risk of faults remains a major challenge-and a high priority-for all organizations, even the most knowledgeable in computing. Despite the use of the best detection technologies, they continue to be compromised on a daily basis. The search for faults allows to discover the potential minefields of the network, but often produces only data tracked in spreadsheets and independent grinding teams that rush in different directions. »
Now consider what less-informed organizations are doing to deal with threats, using outdated tools and limited it and human resources. It is these companies that have to adapt quickly to stay secure and even if they have a less complex technical Park to manage, the threats are just as heavy.
Regardless of the size of the business, identify the risks to it security, secure the endpoints and plan the key role that security in the enterprise will have to play in the future. The landscape is a chessboard of threats and counter-threats in constant evolution, but by ensuring that your company has the security necessary to cope with it you will give it the best operational and legal bases to advance.
IFP expert: Chris Knight writes about the role that new technologies can play in helping companies, whether it’s AI and chatbots, virtual and augmented reality, or the latest developments in mobility and the cloud.