How to be Proactive with the Security of your Business
Many commentators, including the FBI, have noted that the frequency and virulence of malware and other bad actor attacks have increased over the last two years. Ransomware has become a major threat. IT Security, both for home and business networks, has become a major part of any IT Strategy.
It is no longer enough to be reactive and rely on software and appliances to be the front-line defence, IT Security now needs to be proactive and try to prevent any incidents before they happen, or at the very least provide a quick response.
This in turn needs a proactive IT Security strategy.
Simply put, cybersecurity is the policies and procedures aimed and countering cybersecurity risks. Usually associated with corporate environments, it is increasingly needed in home networks as working from home and remote access to systems becomes more common.
Reactive versus Proactive
They are not mutually exclusive. As an example, proactive is vaccination, say against the flu, reactive is taking medicine after you catch It.
In the IT sphere, proactive measures are processes and actions taken periodically to identify new vulnerabilities and threats against an organisation and taking real-time measures to reduce the potential for security breaches.
On the other hand, reactive measures are those you take after a breach has occurred.
Why Proactive IT Security is Necessary
It’s obviously necessary to be able to deal with a security breach, but prevention is better than cure. The effects of a security breach can be very serious, perhaps even fatal for a business, and reducing the overall risk landscape of an organisation will reduce the threats to the business and potentially the costs of cybersecurity itself.
A further reason is complying with information security legislation such as the EU GDPR privacy rules. The biggest EU fine for breaking GDPR regulations currently stands at €746Million.
Finally, cybersecurity threats are constantly evolving. New threats appear on a daily basis, and updates to systems and applications software open up opportunities for attack.
Proactive IT security is a mechanism to deal with threats before they happen.
Proactive IT Security Measures to Take Today
The first thing to understand is that security breaches do not only happen through software and hardware. The FBI estimate that over 80% of all successful security attacks start with user errors, for example, phishing attacks.
Educating users in recognising potential security threats, and what to do if they suspect one is vital. The process starts at induction, and reinforcement through regular updates is essential.
One area that is often overlooked is employee termination through normal resignation or dismissal. At the point of termination, all employee access to corporate systems must be removed.
One potential threat comes from unrestricted downloads from the Internet. The ability to download needs to be blocked or strictly controlled.
There are two other potential security holes that need to be blocked. The first is the use of portable storage devices such as flash drives. Users can bring in malware from home networks, where security is generally lower, or use them to steal confidential information.
The second is online storage. Storage vaults like DropBox and OneDrive must be treated with caution. They can be used to transfer files to and from the corporate network, again potentially introducing malware or stealing confidential information. Their usage must be prevented or at least strictly controlled.
Create a Proactive Security Plan
A proactive security plan won’t happen overnight and will develop through a process of progressive refinement. The plan will vary from organisation to organisation but will have the same basic elements.
Penetration Testing and Threat Hunting
Not all threats are immediately obvious, and it may take some time to identify the source of an issue. Penetration Testing and Threat Hunting are two techniques that focus on looking for vulnerabilities in the existing IT environment.
They usually need the services of ethical hackers who regularly probe networks and by using penetration testing, create a risk assessment portfolio setting out potential attack surfaces, attack vectors and any immediate threats and vulnerabilities.
Continual Network Monitoring
All network management applications include a monitoring module that continually scans the network looking for unusual activity and issuing alerts. Recent development in Software Defined networks use AI to detect and respond to potential threats.
Benefits of Proactive Security
Prevention is Cheaper
The costs of a data breach can be very high, both in pure financial terms and in intangible costs like reputational damage. It costs significantly less in time and resources to proactively prevent a security breach than to clean up afterwards.
It is estimated that over 20% of all data breaches are initiated by insiders. A proactive strategy helps to identify and stop insider threats.
Cyber threats are becoming more sophisticated and complex. A proactive security approach will complement the reactive security policies and procedures already in place, creating a well-rounded risk management environment.