With the frequency and sophistication of security attacks on the rise, it is more important than ever to take a measured approach to planning and prevention. Axis Business Solutions hosted a recent webinar featuring Slade Griffin, Director of Security Services for Contextual Security, to review common attack vectors used to gain access to your systems.
While much is changing, some methods of attack remain very familiar. Griffin reports that phishing is still the easiest way to get inside an organization because it preys on human behavior. “Offering me something I want via email with little effort is still successful because so much legitimate business is performed that way,” said Slade.
Putting security best practices and solid, authoritative security standards in place is the foundation of your plan to prevent these attacks. Without them you will likely come up short of your security goals. A good example is something as simple as passwords, which are the key to your network identity.
“If you aren’t using multi-factor authentication, then all an attacker needs is your password to masquerade as you to the important systems on your network,” said Slade. “Acquiring these credentials is usually trivial and then it’s about hunting data and seeing what type of access is allowed. If you’re going to only use passwords, we suggest using 12-character passwords with complexity (mixed upper and lower case with numbers and special characters) at a minimum. The longer your password is, the harder it is to guess using offline password cracking methods or online brute forcing.”
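As an added illustration (not code from the webinar, Axis Business Solutions or Contextual Security), the Python below checks a password against the minimum policy quoted above and estimates the worst-case time an offline attacker would need to exhaust every password of a given length; the 94-character printable-ASCII alphabet and the guess rate are assumptions, not figures from the talk.

```python
import math
import string

# "Special characters" is taken here to mean ASCII punctuation (an assumption;
# the webinar does not define the set).
SPECIAL = set(string.punctuation)
# Upper + lower + digits + punctuation = 26 + 26 + 10 + 32 = 94 printable ASCII chars.
ALPHABET_SIZE = 94


def meets_policy(password: str, min_length: int = 12) -> bool:
    """Return True if the password meets the quoted minimum policy:
    at least 12 characters with upper case, lower case, digits and specials."""
    if len(password) < min_length:
        return False
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_special = any(c in SPECIAL for c in password)
    return has_upper and has_lower and has_digit and has_special


def keyspace_bits(length: int, alphabet_size: int = ALPHABET_SIZE) -> float:
    """Entropy in bits of a uniformly random password of the given length."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length: int, guesses_per_second: float = 1e10,
                     alphabet_size: int = ALPHABET_SIZE) -> float:
    """Worst-case years for an offline attacker to try every password of this
    length. The guess rate is a constructed assumption (GPU-scale cracking of a
    fast hash); real rates depend on the hash algorithm and hardware."""
    seconds = alphabet_size ** length / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Constructed sample passwords: one compliant, two that fail the policy.
    for pw in ("Correct-Horse9Battery", "password1234", "Sh0rt!pw"):
        print(f"{pw!r:25} meets policy: {meets_policy(pw)}")
    # Each extra character multiplies the attacker's work by the alphabet size.
    for n in (8, 12, 16):
        print(f"length {n:2}: {keyspace_bits(n):5.1f} bits, "
              f"{years_to_exhaust(n):.3g} years to exhaust")
```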
Recognizing that your company has areas for improvement is usually the easy part – but ensuring your company is heading in the right direction can be a daunting task.
Slade recommends that an organization’s first step be an assessment to determine the scope of its “problem.” Many organizations do not maintain an accurate inventory of the systems, devices and applications on their infrastructure, and that inventory is one of the outputs of a well-rounded risk and security assessment. The assessment also gives an organization a detailed view of its security posture by actively looking for vulnerabilities within the network. If a penetration test is part of the assessment, it will prove or disprove how well the technologies the organization has invested in detect, alert on, or prevent exploitation of those vulnerabilities.
“Once the picture of assets, services, and vulnerabilities is established, the team can begin building their security program to fill in the gaps identified,” said Slade. “Essentially, we want to build policies, people, technologies, and our environments around authoritative standards and best practices. This will produce a secure and consistent environment that can be scaled to meet the needs of the organization.”
And while there are many ways an attack can occur, the top steps you can take to be ready have not changed over time.
“We still recommend that companies employ good network segregation to isolate traffic (good or bad) to the devices which need to communicate with each other. In addition to this, employ a good multi-factor authentication solution for all remote access to internal services and for access to core services and privileged accounts. Having policies and procedures which complement your technologies is also critical, and training relevant personnel in cybersecurity should also be an ongoing effort.”