The field of cybersecurity is always evolving to keep up with the threats out there. Recently, we have been observing some interesting trends that security professionals in enterprises should be aware of. Some of them are based on our client conversations.
Here is an overview of the cyber threat landscape right now. At the end of this article, there is also a brief guide on how to prepare your organisation to tackle them.
Ransomware should no longer be considered just a form of cyberattack – it is clearly made for profit, as are other types of malware.
Hackers even disclose some industry configuration details for other attackers to use in their attempts. The reality is that it’s practically possible to get 24/7 support for performing one’s own cyberattack.
Cybercrime is a big business, and it should be treated as such.
Microsoft once reported blocking 2,300 phishing attempts for a fake Office 365 login page in just one day. Bad agents took an opportunistic approach, targeting mainly small businesses with COVID-relief packages.
If it seems like the cybercriminals are getting organised, it’s because they are. In fact, it’s probably easier to find instructions on how to create a phishing email than on how to identify one.
Around 30% of attacks are based on social engineering, especially phishing. Once user credentials are taken, permissions can be elevated, getting the bad agents further into your environment.
An attack can last a few weeks, during which your corporate information is being downloaded. Then attackers can install ransomware and lock you out of your systems.
By the time you get the payment request, it’s already too late. And if your business information leaks, it’s not good news for your customers or your stakeholders.
Everyone assumes it won’t happen to them, but it will. In fact, it might already be happening.
The security perimeter has changed. Your users are now the weakest point of your network. In addition to protecting identities, you need to make sure every employee knows they’re part of the threat environment. Make them part of the solution, instead of the problem.
It doesn’t mean you need to make everyone an expert, but everyone at your organisation should have a baseline understanding of best practices. Security is everyone’s business.
The Zero Trust approach puts identities at the core of your security. It works on the principle of continuous access evaluation.
You can use tools like Microsoft Graph Security to assess a user’s threat profile at every request. If anything has changed since the last session – permissions, resource, connection, device or anything else – reauthentication is triggered.
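The continuous access evaluation described above, as an added Python example that is not from the original article and does not call Microsoft Graph Security: the session keeps a baseline of the attributes the article lists, and any change forces reauthentication before the request is served. The class names, the sample values and the `reauthenticate` callback are assumptions made for illustration.

```python
from dataclasses import dataclass

# Attributes the article names as re-checked on every request.
WATCHED = ("permissions", "resource", "connection", "device")

@dataclass(frozen=True)
class RequestContext:
    user: str
    permissions: frozenset  # roles or scopes held at request time
    resource: str           # what is being accessed
    connection: str         # source address of the request
    device: str             # device identifier

class Session:
    """Holds the context that was last fully authenticated (hypothetical model)."""

    def __init__(self, baseline):
        self.baseline = baseline

    def evaluate(self, current, reauthenticate):
        """Return (decision, changed attributes) for one request."""
        if current.user != self.baseline.user:
            return "deny", ["user"]  # a session never moves between identities
        drift = [a for a in WATCHED
                 if getattr(self.baseline, a) != getattr(current, a)]
        if not drift:
            return "allow", []
        # Something changed since the last check: challenge before serving.
        if reauthenticate(current, drift):
            self.baseline = current  # the new context becomes the trusted one
            return "allow-after-reauth", drift
        return "deny", drift

# Constructed sample data (documentation IP ranges, made-up device names).
BASELINE = RequestContext("alice", frozenset({"reports.read"}),
                          "/finance/reports", "192.0.2.10", "laptop-01")
NEW_NETWORK = RequestContext("alice", frozenset({"reports.read"}),
                             "/finance/reports", "198.51.100.7", "laptop-01")
ESCALATED = RequestContext("alice", frozenset({"reports.read", "admin"}),
                           "/finance/reports", "192.0.2.10", "unknown-phone")

if __name__ == "__main__":
    s = Session(BASELINE)
    print(s.evaluate(BASELINE, lambda c, d: True))
    print(s.evaluate(NEW_NETWORK, lambda c, d: True))
    print(s.evaluate(ESCALATED, lambda c, d: False))
```

The list of changed attributes returned with each decision is what you would log, so that a denied or challenged request can be traced to the attribute that moved.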
It’s not just about access and passwords – Zero Trust also applies to developers and apps. When building a new product, we need to think about how to embed security within. It needs to be a part of the package, not an add-on.
The technology to help your business stay secure is already there. In fact, organisations often have the right services already in place and paid for, but they’re not making the most of them.
Your attitude to risk is what can make the difference between an incident and a disaster.
There are easy things you can implement today to make your network safer:
Patching – software vulnerabilities leave gaps in your network. Move updating to the cloud, so it’s done automatically. The economy of scale works to your benefit – new patches are rolled out all at once to everyone, so you can take advantage of them.
Here is what you can start doing today to improve your organisation’s preparedness when it comes to cyberthreats.
If you want to stay in business, you need to make security the top priority for your company. It means you’ll need to be an internal ambassador to get the buy-in from the decision-makers. Here is some practical advice:
Remember the key principle of security, the OODA loop: observe – orient – decide – act.
You can’t act until you understand what’s happening; otherwise, you’re wasting effort.
Your tools are only as good as your configuration. Specify the key assets to protect and make sure you’ve got your basic processes ready, like offline backup and incident response procedure.
As the famous quote goes: “all of this has happened before, and will happen again”.
So be prepared for the future. Address the basics. Know who has access keys to the backups, and whom to contact when you need help getting back online.
The thing about cyberattacks is that most organisations will only deal with them once. This means there’s nowhere to get experience with them ahead of time.
But you no longer need a large in-house cybersecurity team. Services like Azure Security Center and Azure Sentinel can provide crucial SIEM and SOAR capabilities.
Even better, security tools – and consultants – are available as a service. Take advantage of it and don’t fight your battles alone.
The cybercrime industry is still growing and always developing. While solutions to protect your resources get better, don’t underestimate the risks to your environment. Security should always be the priority, not an afterthought.
Many attacks can be avoided by simple processes like regular patching, using MFA, and conditional access, so make sure that you cover the basics. This one action alone can greatly improve your organisation’s security practices.
Finally, prepare for the worst-case scenario. Do you have a plan of action for when your processes fail? Make sure you have a recovery procedure in place and emergency contacts on hand.