By nature, foxes are attracted to hens. And like all predators, they’ll look for the easy meal. So, leaving the hen house unlocked is like putting out a neon sign advertising an all-you-can-eat buffet.
Similarly, hackers look for organizations with the easiest access to their networks and data. So it’s important to make sure you’re not a tempting target. Simply confirming that you’ve locked all your virtual entryways is an easy way to reduce your chances of letting hackers into your organization.
“Attackers are lazy,” says Matt Wilson, BTB Security’s Chief Information Security Officer. “Just about every statistic supports the notion that attackers will do the bare minimum necessary.”
That’s why hackers continue to randomly send millions of spam emails, looking for just one person to click and let them in. It continues to work. According to the Accenture 2019 Cost of Cybercrime report, 85 percent of organizations experienced phishing and social engineering attacks, an increase of 16 percent over the last year. Ransomware, in particular, is skyrocketing, having tripled over the last two years.
A regular assessment of your security stance is vital and should include penetration testing to identify issues and call attention to your biggest risks. Assessments will help identify where you should shore up your organization’s defenses and provide insight on the effectiveness of your ongoing monitoring. A good assessment will show where and how hackers test your defenses and identify weaknesses that could allow them to gain entry to your systems. This information also helps you to go on the offense, especially against some of the more complex, aggressive threats.
The challenge inherent in monitoring, however, is figuring out which alerts represent real danger. A typical network gets pinged millions of times a day, and much of this activity is normal. Some monitoring systems send so many alerts that IT is overwhelmed. It’s nearly impossible to identify the foxes hiding in this sea of data. The best monitoring services, like BTB’s RADAR, use technology to sift through all that data and people to investigate the abnormalities.
Beyond constant monitoring, a thorough security assessment will identify issues, including a lack of leading practices and policies, that can weaken your posture. Be prepared. This list can be overwhelming – it could include anywhere from a few dozen to hundreds of items.
“That’s why we take a risk-based approach, helping you to identify the most important issues for your particular organization,” says Wilson.
Specifically, BTB’s report ranks each issue in terms of importance and risk level, keeping it simple: high, medium, and low. It also ranks remediation of each issue based on effort/cost.
“This gives companies the information they need to prioritize their remediation, and pick which issues to tackle first,” says Wilson. “They might identify easy, low hanging fruit like patching that lowers their risk of becoming a target.” BTB also advises customers to think like a hacker. In this context, they might brainstorm about what a hacker might want to steal from their business - everyone has something of value - and act accordingly.
This information is also useful in justifying investments in security. Having a secure network, and being able to prove it, is becoming more important for businesses of all sizes, and not just because of the damage a breach can cause.
“I’ve had four conversations in the last two days in which clients said their customers were holding them accountable to certain security standards and requirements,” says Wilson. This is the kind of information that will grab management’s attention. “It’s not security just for security’s sake. There is quantifiable business value to being secure. You may not be able to win contracts with certain organizations unless you can prove you meet their standards.”