So, what are IT departments doing to protect their corporate assets and identity from attack? Research suggests that most IT departments are not keeping pace with the changes in cybersecurity. Given the rapid adoption of the connected world, it’s no wonder there is a struggle to keep pace.
SecTor was about just that. What can IT departments do to enhance their overall cybersecurity measures, keep pace with changes, and ensure that when a breach does happen (because it likely will)—they know what protocol to follow?
Just staying up to date with industry terminology is enough to keep you busy. Here are a few terms that were thematic throughout the two days at SecTor.
MFA (aka: multifactor authentication): Three or more factors of authentication are required. Two-factor is no longer good enough. Now employees should authenticate in three ways: with something they know (password), something they have (security token), and something they are (biometric).
Privilege Creep: A person who works for a long time at one organization and moves from job to job over the years also carries with them the access to files that they once needed but don’t anymore.
Micro Training: When an employee does something risky that may cause a breach, organizations can now pop up a video to quickly train the user on the correct behaviour.
Zero Trust: The notion that authentication must be completed first, and only then can trust in the user be achieved. This is typically done to access each application. All organizations should be adopting this process for all access points within the company’s on-prem and cloud environments.
Of course, there are many other terms to be identified, but this is a good start.
If we know it takes no time for a cybercriminal to breach a system—in fact, it only takes one minute and 38 seconds—IT workers have their jobs cut out for them. A notable trend that emerged as part of discussions at SecTor was the disablement and/or corruption of backup files, which ultimately leads to data exfiltration. Data exfiltration is when a company’s data is copied, transferred, or deleted. If you think of the banking or health industries, data is critical and personal.
Imagine, as a CISO, you arrived at work Monday morning after a nice long weekend, only to learn that there was a cybersecurity breach and that the breach resulted in the corruption of backup files needed to recover from the attack.
This is why a zero-trust policy should be in place. It is why multi-factor authentication is critical. Experts go as far as recommending passphrases as the “something you know” in your security settings. It is also why single sign-on (SSO) is such a key element in avoiding privilege creep and ensuring the right access.
As we adopt and integrate cybersecurity best practices into our daily lives, businesses will still need to continue evaluating their appetite for risk, how much to invest to reduce the risk, and the processes that they need to continuously evolve to avoid the next attack. Ransomware, data corruption and other industrial corporate espionage are not going away, and realities suggest they are becoming a daily battle that is building momentum—aimed at becoming a $10.5 trillion industry by 2025.