These days, you can’t open the news without reading about a terrifying new security threat. New threats are popping up by the day, leaving business owners scrambling to find ways to keep their organizations protected.
This afternoon at ITEXPO, HD Voice News Editor-in-Chief Doug Mahoney led a panel titled “How to Beat Evolving Security Threats,” where he was joined by Ingate Systems President Steven Johnson, Area 1 Security Ops and Development Director John Morgan and neXt Curve Principal Analyst and Consultant Akshay Sharma. The panel offered practical advice that ordinary businesses can use to keep malicious insiders out of their networks.
The main take away from the panel is that there is no one size fits all approach to cybersecurity. Cybersecurity is now a 24x7 job, and one that requires a multi-pronged approach. If you rely on antivirus software alone — or any one solution — your business will eventually get breached. Hackers want to intrude on our networks, and they have a lot of time and energy to devote to the process. So make no mistake about it: If you have sensitive data, hackers want it. And they will go to great lengths to obtain it.
Businesses must also look beyond “brand name” cyberattacks, which come and go quite frequently. It’s just as important to focus on everyday phishing attacks, where hackers go after user credentials in order to gain a foothold into a company’s infrastructure. This type of attack takes time, but if successful the results can be devastating for a business as it allows hackers to access large amounts of data and get out quickly.
As the panel explained, a multi-layered approach is the only way to really stay safe online today, with specific solutions like artificial intelligence, blockchain, biometrics, behavior analytics and more all working together to create a secure environment.
This week, for instance, there is a lot of talk about blockchain at ITEXPO. And while blockchain is a remarkable advancement for cybersecurity, it’s not the end all be all.
“Just because your blockchain architecture is secure, it doesn’t mean your entire organization is secure,” explained Sharma. “There can still be vulnerabilities.”
So, what are some critical actions that CISOs can take to protect their end users and infrastructure?
One critical piece of advice from Morgan is that businesses are only as secure as their least secure business partner. Look down the supply chain, and try and assess hidden vulnerabilities that could compromise your organization.
What’s more, he explained, always make sure there is an aggressive patching program. Multifactor authentication is also imperative for success.
The panel also brought up the issue of malicious insiders. As Johnson explained, businesses need to be very careful about who they employ. And a certain amount of monitoring is need for various positions to prevent malicious activities from happening.
Edited by Mandi Nowitz