Check out what our partners at Webfargo have to teach you about cyber and data security when it comes to protecting your business.
Why security monitoring is critical
Interesting research from a security startup showed that attackers are incredibly noisy when targeting a host through cross-site scripting (XSS) attacks. The firm tracked 33 production web applications at 12 companies over a 30-day period. The result was that for every successful breach, there were 100,000 unsuccessful attempts. This type of activity would be easily seen in server logs, firewall logs, or IDS systems – really any type of security monitoring would spot something so noisy. This is relatively common depending on the attack method and vector, and is the reason we continually recommend security monitoring – it can spot attempted attacks long before they are successful.
An effective defense against ransomware
No attack has dominated the news recently more than ransomware. Organizations ranging from private companies to hospitals to police departments to airports have been infected. In fact, a Korean web hosting company recently paid approximately $1,000,000 in ransom to decrypt its customers’ systems. And of course everyone knows about the very recent WannaCry outbreak and the current Petya attack. But there is good news too – this quarter Check Point announced a new product to combat this epidemic: Anti-Ransomware. This new endpoint solution offers immediate identification and blocking of malicious encryption processes. It even allows for recovery of any files that were encrypted by a ransomware infection – including new variants that haven’t been previously identified.
Great user resource about social engineering
A 2017 issue of the SANS security awareness newsletter, OUCH!, covers a popular topic: Social Engineering. This information is intentionally basic as it is targeted at end users, but it is worth reviewing and potentially sending out to users. Social engineering continues to be a favorite attack vector of the bad guys.
CEOs use shadow IT
The concept of “shadow IT” (sometimes called stealth IT) refers to when users or departments sidestep corporate IT by using technology not vetted or sanctioned by the company’s IT department. These days shadow IT is more of a problem than ever, and is often seen with BYOD and cloud data storage/backup solutions. A recent study of over 1,000 IT and business decision-makers found that one of the most common offenders sits in the corner office – in fact, 75% of CEOs admitted to using software or devices not authorized by their IT departments. When this attitude comes from the top it can then trickle down and be adopted throughout the organization. While many decide to clamp down and block this access, this approach can backfire. It is often a better strategy to try to address the needs that users (and CEOs) are seeking to fulfill, which will keep the problem from resurfacing.