Cyber attacks affect all organizations – big and small, private and public. In all scenarios the results can be devastating. But last year, according to Verizon, one group was hit worse than any other – large businesses. Results in its Data Breach Investigations Report show that large businesses were victims in 72% of total breaches studied.
So while organizations across the world were battling economic uncertainty due to the pandemic, large businesses had extra cause for concern – because of the increased risk of cyber attacks targeting corporate entities, many of which were successful.
Although malicious insiders – such as disgruntled ex-employees, or individuals seeking to compromise their employer – pose a threat, external actors caused most breaches in 2020. This, coupled with the fact threat actors are predominantly focused on larger organizations, means it is imperative that security teams within these corporations focus their time and resources on the most effective measures possible to protect these highly-targeted corporate assets.
1. AI-powered automation to configure your cloud
There’s already plenty of conversation about whether cloud computing will reach its peak this year. It’s easy to see why when 92% of organizations’ IT environments are to some extent already in the cloud, according to an IDG report. But all change, good or bad, brings new dynamics and new sets of diverse challenges with them. Cloud is no exception.
An increased attack surface is one of the implications of the complex nature of cloud. When traditional network perimeters are removed, the question of accountability must be asked. Whose responsibility is it to secure data hosted in the cloud? Is it the cloud provider’s? Or the customer’s?
Misconfiguration of account privileges is one of the most common consequences of this misunderstanding, and by extension, one of the leading causes of data breaches. When default credentials aren’t reviewed, excessive permissions can allow standard users unnecessary access to sensitive data. This presents the perfect opportunity for a criminal to delve into the more sensitive, more valuable areas of a business’s IT infrastructure It’s important to remember cybersecurity vulnerabilities are inevitable. Because of the sheer volume of attacks criminals launch every day, it’s probable one of them will gain some level of access to your network. The imperative is to stop them from reaching the sensitive parts.
AI-powered automated tools that review user permissions and privileges can be of great use to IT management teams trying to overcome this problem. They provide both a quick and effective way of discovering accounts with excessive privileges and removing any superfluous permissions for specific users.
2. Securing access for third-party providers
Research we carried out last year discovered that 25% of British businesses use over 100 third-party vendors. Whether consulting services or supply chain managers, outsourcing internal functions has become commonplace.
Many of these third-party services require access to internal resources and data to fulfil their obligations. Our research found that 90% of businesses allow third parties to access critical internal resources – sensitive assets that if disrupted or stolen would cause significant harm to the organization.
This presents a problem for IT teams, because responsibility for security is then passed to your third-party partner. You may trust your own security measures, policies, and protocols, but can you trust theirs? In fact, early last year flexible office space firm Regus suffered a breach due to this exact situation, with detailed employee performance information being leaked via a third-party vendor. Regus had hired a vendor to audit its staff. The vendor’s security measures were weak, and the data breach was discovered in an investigation by The Telegraph. The impact an event like this has on reputation, as well as a company’s finances, is deep. This example is a warning to any business using third-party vendors. The privileged accounts of all external operators must be constantly managed and monitored. They must be secure, structured, and multi-levelled, granting third parties enough access to carry out their jobs without putting the firm at risk of a punishing data breach.
Advanced Security-as-a-Service packages are well worth consideration for businesses hoping to ease the burden of monitoring and management on their IT team.
3. Educate employees on the importance of security policies
The most evident challenge of 2020 was the transition to home office working from the traditional corporate workplace. IT teams were thrown into a maelstrom of consumer technology having to be granted access to corporate data and assets. Whether an employee’s Wi-Fi router or their personal laptop, the huge number of new devices introduced posed varying security risks. The challenge of both protecting employee endpoint devices and ensuring protocols are followed also increased by a significant margin.
This challenge is only going to continue into 2021. With the UK still under lockdown, a year in which we all work from home to a greater or lesser is easy to envisage. The security threats will have to be managed. The approach many businesses take to this challenge adds to the problem. Far too many businesses are over reliant on security policies to keep bad threat actors out of their networks. These are almost never enough by themselves. In fact, our December research found over 50% of UK employees both ignore and actively circumvent corporate security policies. More must be done.
A lack of user-friendly processes is a common reason security policies aren’t followed. Businesses may recognize the importance of security, but the processes implemented can be too difficult for employees to use, creating friction in the user experience. In the end, people find shortcuts in the pursuit of efficiency and ease of use. A balance must be struck to address this problem. Employees must first be educated on the importance of adhering to security policies, but in turn IT teams must adopt tools and processes that help minimize disruption to the wider business.
Businesses are in a much better place than they were five years ago in terms of security. They’re beginning to take the threat of a potential data breach more seriously, which is in no small part thanks to the introduction of the GDPR. But it’s important to remember that, while cyber attacks are a constant threat, methods will always change.
You can guarantee criminals will continue to pose a threat ten years from now, but you can’t be sure what form that threat will take. It’s therefore crucial IT and security teams assess and reassess their security measures. For large businesses, if you follow the three tips laid out above, you’ll be one step closer to ensuring the safety of your organizations and preventing potential breaches.
- Rich Turner, SVP EMEA, CyberArk.
- We've featured the best business VPN.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Rich Turner has been CyberArk's SVP EMEA for over three years. Prior to this position, he led both FireEye and Proofpoint's EMEA businesses.