We have to admit that today, nobody is completely secure against cyber attacks. Both major companies and SMEs can fall prey to hackers. Many current trends in cybersecurity have emerged due to the pandemic and its effect on businesses.
Shortage of cybersecurity experts
There has been an increase in cybersecurity jobs, according to surveys by recruitment platforms. Companies are actively seeking highly qualified cybersecurity specialists to boost the security of their corporate networks. There is also a trend for continuous professional development. Companies provide continuous training opportunities not only to their cybersecurity staff but also to other in-house employees. They understand the importance of protecting themselves from cyber attacks at all levels and teaching their staff to identify attacks such as phishing emails, to prevent leaks of corporate data, for example.
Managers must also be involved in this process. A successful initiative must be implemented from the top down. Obviously, ensuring the appropriate level of qualification for all specialists is time-consuming, but this kind of investment can protect the entire company.
Every year, Tet employees take online courses on cybersecurity and pass an exam. All new employees must take these courses in the first three months at the new job. The courses are updated with regard to the recent trends related to cyber threats and the ways to identify and prevent them. Tet experts have also developed a cybersecurity guide for everyone to collectively work on the issue.
Cloud services have become increasingly popular amid the pandemic. Using them, companies provide their employees with access to their data and save money on the IT department infrastructure.
But one should remember that cloud services should be treated the same way as local resources. One should not think that the cloud service provider will do everything for the user without providing separate permission or purchasing additional cybersecurity services such as SOC. Say, if a password used for cloud services is not changed regularly, is too simple, or the MFA function is off, it would be as easy to hack this password as the one in the local systems.
Other protection mechanisms such as AV, FW, IPS/IDS, SIEM/DLP, encryption, PIM and PAM must be set up correctly in your cloud services just as in your local network, not to mention that not all of them are on at all times.
Authentication by password is gradually becoming a thing of the past and is being replaced by more reliable identification tools such as multifactor authentication (MFA), which grants a user access to the organization’s automated system only after two or more pieces of evidence have been successfully presented to an authentication mechanism. It could be a retina scan, PIN code, pass phrase, text message, and others.
According to Microsoft, MFA prevents 99.9% of automated attacks against user accounts, websites and any online services.
Amid the growing threats to cybersecurity, successful MFA tools seem more reliable than the old single-factor authentication that uses a login and password that can be easily hacked by attackers.
Zero Trust is a security concept based on the idea that organizations should not automatically trust something inside or outside their network. Instead, they should verify everything before granting access to the corporate data.
The Zero Trust model changes the castle-and-moat approach, in which organizations focus on protecting their perimeter, believing that everything inside it is safe. One should understand that security risks are present both inside and outside the “castle”. Here are the main areas of concern:
- zero trust people (make sure your employees have verified their identity);
- zero trust devices (do not trust employees’ devices that connect to the network or cloud services, verify them prior to their access);
- zero trust networks (divide the network into segments that center around each valuable asset of the company);
- zero trust workloads (monitor and control the access to cloud services and systems; monitor remote sessions);
- zero trust data (identify confidential or valuable data; classify it, outline access requirements depending on business demands).
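The five areas above can be read as checks that every access request must pass, wherever it comes from. The sketch below is an added example, not code from Tet or from any Zero Trust product; the asset names, segments, roles and classification labels are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy: data labels and per-asset access rules (assumptions).
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2}
ASSETS = {
    "payroll-db": {"allowed_from": {"finance"}, "roles": {"finance"},
                   "label": "confidential"},
    "wiki": {"allowed_from": {"office", "finance"},
             "roles": {"finance", "engineering"}, "label": "internal"},
}

@dataclass
class Request:
    user: str
    role: str
    mfa_verified: bool      # zero trust people
    device_verified: bool   # zero trust devices
    source_segment: str     # zero trust networks
    asset: str              # zero trust workloads
    clearance: str          # zero trust data: highest label the user may read

def decide(req: Request) -> tuple[bool, list[str]]:
    """Deny by default; return (allowed, reasons for denial)."""
    asset = ASSETS.get(req.asset)
    if asset is None:
        return False, ["unknown asset"]
    reasons = []
    if not req.mfa_verified:
        reasons.append("identity not verified with MFA")
    if not req.device_verified:
        reasons.append("device not verified")
    if req.source_segment not in asset["allowed_from"]:
        reasons.append("segment may not reach this asset")
    if req.role not in asset["roles"]:
        reasons.append("role not permitted for this workload")
    if SENSITIVITY.get(req.clearance, -1) < SENSITIVITY[asset["label"]]:
        reasons.append("data classification exceeds clearance")
    return (not reasons), reasons

def audit(requests: list[Request]) -> list[dict]:
    """Record every decision, allowed or denied, for later monitoring."""
    log = []
    for r in requests:
        allowed, why = decide(r)
        log.append({"user": r.user, "asset": r.asset,
                    "allowed": allowed, "reasons": why})
    return log
```

A request from inside the finance segment is still refused if MFA or the device check fails, which is the difference from the perimeter model.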
Any company can be subject to cyber attacks and information leaks. The manager’s lack of attention to the development of tools to prevent such threats can lead to the distribution of employees’ personal data, disruption of business processes, as well as substantial fines for violating the General Data Protection Regulation (GDPR).
By Artur Filatov, Director of Cybersecurity at Tet (former Lattelecom)