Over the past few years, cybersecurity threats have risen at an unwavering pace. In fact, according to the FBI, there has been a 300% increase in reported cyber crime since the pandemic began. So, what does this mean for your company and what can you do to better protect your organization in the coming year? DocXellent brought together three cybersecurity experts for a panel discussion to answer this question and illuminate the risks companies should be aware of as they move into this next year.
The webinar panel consisted of Chris Beyer, CTO/Founder of Synacktek; Nicholas Gonzalez, Senior Client Executive of Alacrinet; and DocXellent’s Director of Information Security & Cloud Services, John Waller. Read on for a recap of their discussion, including the following topics:
- Supply chain attacks and ransomware
- Remote work challenges
- Data protection and authentication transformations
- Increased cybersecurity awareness
- Future-proofing your cybersecurity strategy
How to Prevent Ransomware Attacks in 2022 [6:40]
As we move into 2022, attacks will continue to be more of the same: a combination of evolving code, with hackers constantly trying to find ways to bypass the security measures that companies have in place. Social engineering will always be the preferred attack vector, with human error being companies’ biggest vulnerability.
Moving forward, in order to prevent these types of attacks, companies need to implement sophisticated endpoint protection and company security policies, including patch management, routine system security updates, and backup solutions. Ultimately, you must change the culture at your organization around information security. Additionally, using a robust company-wide document control system helps prevent cyber criminals from reaching sensitive documents by creating a barricade, keeping malware from jumping from the client to the document management server.
Overcoming Security Challenges While Working Remotely [14:57]
Before the COVID-19 pandemic, typical remote access for most organizations involved a company building a VPN tunnel back to a data center that utilized an on-premise security stack. Once companies started going 100% remote, they began encountering issues with this method because their VPN capabilities weren’t created for that level of internet traffic. To combat this, some companies set their remote connections up with a split tunnel. However, because split-tunneled internet traffic no longer passes through the company’s security stack, this causes severe losses to visibility, control, and cyber protection.
Instead, companies should rely on the SASE method: Secure Access Service Edge. Chris Beyer explained what this means: “SASE is perimeter control that really follows your users. So whether they’re connected via VPN to you, they’re home on your on-premise network, or they’re connected to Starbucks WiFi, you're pushing security policies down to the user themselves so that you can do web content, filter your DLP, do SSL decryption and look for malicious traffic.” Chris adds that this matters even more if your company uses a cloud environment and someone is logged onto your PaaS or SaaS application. If these systems aren’t correctly secured, a cyber criminal could theoretically connect and download documents, upload files, and see private company information.
If your company uses a document management system, you can securely collaborate on documents from home with members of your organization or up and down your supply chain. There’s no need to send files via email, everything can be reviewed and approved within the system.
Increasing Cybersecurity Awareness Within Your Organization [21:55]
As mentioned earlier, human error is the primary cause of cyber breaches. This is why providing cybersecurity training to your employees is so important. This includes annual training sessions and simulated phishing spot checks. In order to change behavior, everyone in your organization needs to understand the magnitude of these cyberthreats. Here are some techniques to help your company take cybersecurity more seriously:
- Set up email alerts and banners that warn a user when an email is from an outside source or links to a suspicious webpage
- Hold your employees accountable. If a user continuously clicks phishing links or skips training modules, there need to be consequences in place so this behavior is corrected
- Utilize endpoint detection and response (EDR) platforms. These systems combine real-time continuous monitoring and data collection with analysis capabilities to enhance your internal security network
Nick Gonzalez sums up the overarching importance of embedding cybersecurity awareness throughout your company: “Changing the culture is really what we're talking about. We all need to have this mentality of protecting your company. It's not just about me, it's about everybody because the weakest link is what's going to cause the most damage.”
Integrating Zero Trust to Protect Your Data [29:17]
Companies need to be wary of granting everyone in their team access to every piece of information within their network. Instead, they should look at using the “Zero Trust” approach. Zero Trust is a cybersecurity method that eliminates implicit trust and continuously validates each stage of digital interaction. This method is designed to protect a company’s sensitive information by using strong authentication methods, leveraging network segmentation, and only granting access to information on a need-to-know basis.
The first step to integrating Zero Trust is helping your employees understand why they don’t need access to every piece of company information and beginning to roll out data permissions. Secondly, it’s necessary to make thorough employee on-boarding a priority. Instead of using a cookie cutter strategy, companies need to personalize the process and tactically decide who will have access to what information as they move into the company.
Additionally, there are smaller actions your company can take to move towards a Zero Trust strategy. There are many micro-segmentation products that allow you to implement host-to-host segmentation centrally. This can help you analyze process-level data and block unnecessary IP connections in order to protect private company information from falling into the wrong hands.
Future-Proofing Your Cybersecurity Strategy [35:18]
A lot of organizations struggle with future-proofing in terms of their cybersecurity strategy. Even things like implementing network access control can be a challenge. However, taking advantage of controls like these is worth the extra effort it takes to implement them. Here are a few ways to future-proof your cybersecurity strategy:
- Track your configuration updates to help you improve device management, figure out if changes are authorized, and roll these upgrades back quickly when necessary
- Implement Network Configuration Change Management tools (NCCM)
- Automate the discovery of assets on the network
- Integrate with a configuration management database (CMDB)
- Track your network patching to determine where your vulnerabilities are
- Run penetration testing to see if there are any holes in your network
- Implement deception grids to catch potential cybercriminals
It is also important to plan how each of your different security tools will work together. Chris explains it in this way: “You have these different security tools. You've got an EDR solution, you've got firewalls, you've got CMDB. How do you pull all those things together and effectively manage security? I think for future proofing you're going to look at tools that either integrate natively with each other, or you're going to look for tools that will help you build custom integrations for your security analysts, to simplify taking different pieces of data, and effectively solving a problem.” Essentially, if your cybersecurity systems don’t function harmoniously, your company may fall victim to unseen vulnerabilities. Make a cybersecurity strategy, decide how it will be implemented, and stick to that plan as you bulk up your security practices.
Preventing Attacks on Your Supply Chain [44:25]
A supply chain attack, like those seen with SolarWinds in 2020, is an increasingly common form of cyberthreat. These types of attacks occur when a hacker places malicious code into a trusted piece of business software. This action allows other cybercriminals to hijack a supplier’s distribution system, essentially turning any application they sell into a Trojan horse. This grants these hackers access to the networks of countless customers without those customers knowing.
In order to prevent these types of attacks, companies need to conduct thorough, intensive vendor research. Before you choose a product and supplier, ask in-depth questions about their security practices and business methods. Ask for a penetration test, results from previous audits, and a security check to help you get a better understanding of how they’ll keep you safe as part of their network. Also, ensure your own patch management procedures are robust. If your supplier does happen to experience a breach, your company can help prevent your sensitive information from being stolen if your cybersecurity is sturdy and up to date.
Webinar Q&A [49:45]
- Is biometric-based MFA more reliable as compared to key cards and text messages?
Biometrics have improved significantly over the past 10 years. They provide an extra layer of protection as compared to text messages and key cards. Additionally, technology in this arena is still advancing. Nick mentions one type of new software that is especially helpful:
“[At Alacrinet] we incorporate a lot of IBM software in some of our solutions and services. The QRadar Solution and some of the anti-fraud malware solution that we use with our banking customers incorporates user behavior and user behavioral analytics that's really enhanced over the last few years. And… that provides a different layer of defense because it's tracking the way [for example] if Chris were to log in with his username and password he's hitting the shift key and never really touching the caps lock key every time. Or maybe he's moving his mouse a certain way. The UBA technology that's out there creates a baseline for that user, on how they touch keys and how they move their mouse. So, I think when you start to combine UBA with some of the biometrics that are out there, it creates more layers of defense.”
- Is Microsoft taking the best direction security-wise with Windows 11?
Both Nick and Chris agree that it’s a little too soon to tell if Microsoft’s security strategy will be successful. However, their research has shown that Microsoft is steadily advancing in terms of their cybersecurity measures. They use better code-developing techniques and software testing methods to increase security and efficiency.
As cyber crime rises, companies need to remain vigilant and keep their cybersecurity practices top of mind. Monitoring systems for possible vulnerabilities that could lead to ransomware incidents, supply chain attacks, or data breaches is imperative. By assessing your business’s cybersecurity risk, implementing company-wide policy changes and making cybersecurity a priority, it’s possible to protect your business from most data breaches.
In order to ensure the security of your company, its data, and your employees, you need to have a cybersecurity foundation laid and mitigate as much risk as possible. DocXellent is here to help if you would like a consultation on your current cyber security procedures or more information on moving your applications and data to our secure, FDA-compliant, ENSUR SaaS. Contact us today.