Cybersecurity is as important as ever. It’s also trickier, and with today’s new cybersecurity threats, the stakes are getting ever higher.
- With so many employees now working remotely, employers’ networks are significantly more vulnerable to cyber-attacks.
- Entry into your network could be as simple as one employee clicking on a phishing email.
- 51 percent of data breaches are from criminal acts; 25 percent from system glitches; 24 percent from human error.
- Learn ways you can shore up your cybersecurity and protect your data.
First the bad news about cybersecurity: According to a 2023 IBM report, the average data breach costs a company $3.86 million. Cyberattacks are so costly in part because, according to the same report, it takes an average of 277 days, or about nine months, to detect a breach.
The United States government has, in fact, labelled cyberattacks as a major national security threat: The National Institute of Standards and Technology (NIST) recommends a specific framework for handling cyber threats. That framework looks like this:
- Identify
- Protect
- Detect
- Respond
- Recover
Now the good news: Cybersecurity professionals are getting better at anticipating changing trends in the cyber threat landscape. They must, after all, be as agile, clever and creative as their adversaries, if they’re to detect new cybersecurity threats within any reasonable period of time. Of course, their role is by nature reactive, so they can only prevent so much. It’s best to take a not-if-but-when attitude toward cybersecurity.
Bear that in mind as we go over some cybersecurity basics and what you can do to handle cybersecurity threats.
Types of cybersecurity threats
According to the United States Cybersecurity and Infrastructure Security Agency (CISA), the top three most common cyber threats are:
- Malware: This type of software allows hackers unauthorized access to proprietary IT systems; from there they can steal data and disrupt or destroy the system in a general way.
- Ransomware: This is a subtype of malware used to hold data and systems hostage—for ransom, as it were—until a company capitulates and gives a hacker whatever it is he’s demanding (money, usually).
- Phishing: Coming usually in the form of an email, phishing is a common scam that lures the reader into clicking on a phony site laden with malware. Phishers do this by mimicking domain names, faking sources (e.g., making it look like the email came from a company’s CEO), and encouraging or threatening users to open dangerous links that seem, to the untrained eye, to be legitimate.
Cyberthreats are legion. The Massachusetts state government highlights these as particularly damaging:
- Distributed denial of service (DDoS) attacks: These overwhelm a website with excessive traffic from several different locations and users. This is generally just a distraction tactic: While IT professionals are busy straightening out site traffic jams, hackers enter a company’s system and install malware or other dangerous software.
- Corporate Account Takeover (CATO): This is a form of business entity theft wherein cyber criminals, pretending to be a particular business, acquire unauthorized wire and ACH transactions which are then deposited in bank accounts controlled by hackers.
- Automated Teller Machine (ATM) Cash Out: These are coordinated, simultaneous withdrawals of large cash amounts from multiple ATMs in several different locations. These withdrawals are often accomplished with stolen ATM or debit cards.
Related: Best practices for managing a remote workforce
Today’s new cybersecurity threat landscape
An increasing number and variety of companies rely on cloud computing. This allows them to keep large stores of data within easy reach. Unfortunately, that also means that a great amount of often sensitive data is within the reach of anyone who can penetrate a firewall and mock up the necessary permissions.
But cloud-based data is not necessarily more vulnerable to new cybersecurity threats than any other type. Medical and financial records have been stolen from ostensibly secure intranets. Cyber criminals have shut down oil pipelines and power grids. National security has even been put at risk.
Even data stored on-location on heavily monitored hardware is vulnerable to cyberattacks if it has any internet connectivity. This has implications for all of us in terms of the Internet of Things (IoT). All manner of devices, from the phone in your pocket to your home security system to your local 911 response center are vulnerable.
Related: How to protect yourself against mobile ransomware
What does a good cybersecurity framework look like?
A high-quality cybersecurity framework is multi-faceted. It likely involves data and cloud security; endpoint-user and hardware security; and disaster recovery and mitigation protocols.
One advanced element of cybersecurity involves the use of so-called penetration testers—ethical (“white hat”) hackers who purposely penetrate a company’s systems in order to understand where they’re most vulnerable.
Related: Your business disaster recovery plan: A back-up plan to keep you humming
Employee access and training to enhance your cybersecurity and data protection
According to cybersecurity provider Varonis, endpoint users—including general employees—are responsible for a significant number of cyber breaches:
- 81 percent of breaches were achieved via stolen/weak passwords.
- 66 percent of malware was installed via malicious email attachments.
Worse, nearly half of executives said they have no employee cybersecurity training in place. And such training, based on the numbers above, ought to be implemented right away. Here are some things employers can insist on:
- Only provide employee access to files, folders or applications needed for them to perform routine on-the-job tasks. This is known as the principle of least privilege.
- Provide work-at-home employees with increased security protection.
- Provide regular, up-to-date training for employees at least every 90 days.
- Teach employees how to identify phishing attempts and dangerous spam.
- Create teaching drills and exercises grounded in real-world scenarios to test employees’ ability to detect scams and respond appropriately to fraudulent requests.
“The harsh truth about the emerging risk of ransomware is that it’s really a people problem,” wrote a particularly blunt blogger over at Property Casualty 360. Indeed, ransomware attacks are often quite sophisticated, and cyber criminals are continually seeking new ways to exploit system vulnerabilities; they do their best to go after distant endpoints, i.e., employees who don’t work in, or know much about, IT.
All employees should know, for instance, that, according to Verizon, 92.4 percent of malware is delivered via email in the form of:
- A bill or invoice
- Email delivery failure notice
- Package delivery notice
- Legal/law enforcement message
- Scanned documents
And most of these attachments are malicious Microsoft Office files, which typically make it through email filters successfully.
Whatever new cybersecurity threats are on the horizon, you can be sure that they’ll be devastating, and often no one will see them coming. But dedicated cybersecurity professionals are working diligently to combat all possible developments in the world of cyber threats.
This article originally appeared on Arrowhead General Insurance Agency’s blog. It is used with permission and has been updated to better fit the needs of ICA’s customers.