What is a Self-Inflicted Security Threat?
As surprising as it may seem, a self-inflicted cybersecurity threat is one that comes from inside your company, and this is far more common than most executives realize. The source of a self-inflicted threat is typically the company’s own employees. In fact, a recent study found that 52% of cybersecurity incidents affecting operational technology were caused by employees’ unintentional actions or human error. In addition, despite everything organizations have done over the last decade to strengthen their cybersecurity, businesses are still regularly plagued by breaches.
Cybersecurity breaches are not limited to a certain size of company or industry. Hackers indiscriminately target SMBs and enterprises alike, from manufacturers to professional services, education, and retail. Cybercriminals are on the hunt for holes in an organization’s defenses, where they can break through and steal or ransom as much of your data as you let them.
While most business owners and executives would rather focus on the day-to-day of their business and on strategies to grow and strengthen their companies, the last thing they want is the stress caused by a bad actor who has hacked into their systems. Fortunately, there are several steps you can take to minimize the risk of self-inflicted threats.
One of the most important things you can do to ensure the safety of your network and data is to train your employees regarding cybersecurity and foster a security awareness culture within your business. Because cybercriminals have built such a robust industry by using the Dark Web to sell your data, no company can afford to overlook training their employees to recognize threats. While larger corporations may already have security training in place, SMBs may have more limited resources. Whether your company’s resources are limited or not, you can take some simple steps to train your employees.
Have Written Cybersecurity Policies
Having your cybersecurity policy in writing helps your employees understand what is expected of them. It also protects the company if any HR issues arise over an employee not following your cybersecurity guidelines. Here are a few key considerations you should add to your internal cybersecurity policies:
- Confidential or sensitive data: Your employees should know how to access, use, and share company data. Whether it’s proprietary information or customer records, each and every employee who has access to this data should know best practices regarding protecting this data.
- Company-issued devices: Employees should take the steps necessary to secure company-issued computers, tablets, or cell phones. Employees should never leave their devices exposed or unattended. Moreover, they should only log on to company systems through a VPN or by using multi-factor authentication.
- Emails: You need to have best-practice guidelines regarding email. These guidelines should include:
  - Avoid opening attachments or clicking on links when the content is not properly explained
  - Be suspicious of clickbait titles
  - Check the sender’s email address on messages they receive to ensure the sender is legitimate
  - Look for obvious grammar and spelling mistakes of the kind made by non-native English writers
  - If an employee is unsure whether an email they received is safe, they should refer it to the IT department or IT managed services partner
  - Do not open emails from unknown senders
- Have a strong password policy in place: Every individual at your organization should follow strong password guidelines.
- Computer locking: In order to protect company and customer data on computers, employees should lock their screens and devices any time they get up from and leave their desks.
- Report lost, stolen, or damaged devices: If an employee’s device is no longer in their possession, they should immediately report it to HR and IT so the appropriate steps can be taken to protect the data that was on that device.
- Do not download unapproved software: Shadow IT is a huge problem in today’s digital world. Suspicious, unauthorized, or even illegal software installed on your company’s network can wreak all sorts of havoc. To prevent that from happening, it’s good to also have a Shadow IT policy in place.
- Social Media and Internet Usage: You should let your staff know what appropriate internet usage is and what is not.
- Disciplinary Action: Your cybersecurity policy should also include in writing what disciplinary action will be taken if employees violate your cybersecurity guidelines.
Make Cybersecurity Training Mandatory for all New Employees
By creating cybersecurity awareness and fostering best practices from day 1, you will help your new staff member avoid building bad habits from the get-go. Make sure that the day 1 training covers all of the most important topics. By starting cybersecurity awareness in your employee’s onboarding stage, your team members will understand the importance of cybersecurity and practice good habits from their very first week of employment.
Stay Up to Date on Compliance Regulations
Because we live in a digital world in which cybercriminals and their activities are well established, standards and regulations such as NIST, HIPAA, and PCI often dictate the dos and don’ts of cybersecurity practice. Depending on your industry, lapsing or falling out of compliance may have very severe consequences. Stay up to date with, and adhere to, the regulatory requirements for your industry to avoid any negative impact on your business.
Know the Different Forms of Cybersecurity Threats
If you really want to identify and prevent a security breach at your company effectively, you and your staff need to know the different types of threats, how to identify them, and what you can do to stop them before they happen. These threats include:
- Phishing Attacks
- Credential Stuffing Attacks
- DDoS Attacks
- Trojan Horses
- SQL Injections
Access to Your Systems
If your network is not protected correctly, you could be leaving it open to the risk of a bad actor gaining access to your data and infrastructure. In order to prevent unauthorized access to your systems, make sure that you have password protection for your network properly set up. Do not allow guests to your business to access your Wi-Fi. If you do, you may be putting yourself at risk. Your neighbors or even someone walking by may be able to get into your system and cause you harm. Because of that, you should only be allowing approved and authorized users and devices to connect to your network.
Proper Network Access Controls
Access controls should grant different users (employees) different levels of access to computers and systems. After a user has verified who they are, controls should be in place to ensure they can access only the parts of your systems they have a specific need to view or use.
Keep an Inventory of all Authorized and Unauthorized Devices
By keeping an inventory of all hardware and devices on your network and actively managing it, you can ensure that only authorized devices have access and that unauthorized devices are blocked. You will not be able to defend your network if you do not know which devices are accessing it. Hardware that you should be tracking includes:
- VoIP phones
- Servers, Routers, and Switches
- Any other device authorized to use your network
Furthermore, you should record details about each of these devices, including as much or as little data as you see fit. This information can include:
- IP Address
- Device Type
- Model Number
- Serial Number
- Operating System Version
- Primary User
Keep an Inventory of all Authorized and Unauthorized Software
Just as you should keep an inventory of your devices, you should also keep an inventory of the software and applications on your systems. Network breaches often exploit software vulnerabilities, and software vendors regularly release patches and updates to fix issues and improve their applications. This is why it is imperative that you keep track of the software on your network, to ensure it is all up to date and patched on time.
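The two inventory sections above (devices and software) both come down to the same routine: compare what is actually on the network against what has been approved, and flag the differences. The Python below is an added example, not the article's own code, showing that reconciliation for both inventories. The authorized device records use the fields the article lists (IP address, device type, model number, serial number, operating system version, primary user); the scan results, software lists, version floors and serial numbers are all constructed sample data, and `parse_version` is a hypothetical helper for ordering dotted version strings.

```python
"""Reconcile observed devices and installed software against an approved inventory.

Added example for the article's device and software inventory sections; not the
article's own code. All inventories, scan results, serial numbers, package names
and version numbers below are constructed.
"""


def parse_version(v: str) -> tuple:
    """'10.0.19045' -> (10, 0, 19045). Non-numeric parts sort as 0 (hypothetical helper)."""
    parts = []
    for piece in v.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


# Authorized device inventory, using the fields the article recommends tracking.
AUTHORIZED_DEVICES = [
    {"serial": "SRV-0001", "device_type": "server", "model": "R740", "ip": "10.0.0.10",
     "os_version": "22.04", "primary_user": "it"},
    {"serial": "SW-0007", "device_type": "switch", "model": "C9300", "ip": "10.0.0.2",
     "os_version": "9.3", "primary_user": "it"},
    {"serial": "LT-0042", "device_type": "laptop", "model": "X1", "ip": "10.0.1.42",
     "os_version": "10.0.19045", "primary_user": "alice"},
    {"serial": "VOIP-0012", "device_type": "voip", "model": "T46", "ip": "10.0.2.12",
     "os_version": "5.1", "primary_user": "reception"},
]

# Minimum acceptable OS version per device type (constructed patch floors).
MIN_OS_VERSION = {"server": "22.04", "switch": "9.3", "laptop": "10.0.19045", "voip": "5.1"}

# What a network scan / agent check-in reported (constructed).
OBSERVED_DEVICES = [
    {"serial": "SRV-0001", "ip": "10.0.0.10", "os_version": "22.04"},
    {"serial": "SW-0007", "ip": "10.0.0.2", "os_version": "9.3"},
    {"serial": "LT-0042", "ip": "10.0.1.42", "os_version": "10.0.19041"},  # behind the floor
    {"serial": "LT-9999", "ip": "10.0.1.99", "os_version": "10.0.19045"},  # not in inventory
]

# Approved software with its minimum patched version, and what hosts report installed.
APPROVED_SOFTWARE = {"browser": "120.0", "pdf-reader": "23.1", "vpn-client": "4.2"}
INSTALLED_SOFTWARE = [
    {"host": "LT-0042", "name": "browser", "version": "119.0"},
    {"host": "LT-0042", "name": "pdf-reader", "version": "23.1"},
    {"host": "LT-9999", "name": "torrent-client", "version": "2.0"},  # shadow IT
    {"host": "SRV-0001", "name": "vpn-client", "version": "4.3"},
]


def reconcile_devices(authorized, observed, min_versions) -> dict:
    """Flag unknown serials, devices that went missing, OS below floor, and IP changes."""
    known = {d["serial"]: d for d in authorized}
    seen = {d["serial"] for d in observed}
    report = {"unauthorized": [], "missing": sorted(set(known) - seen),
              "outdated_os": [], "ip_changed": []}
    for dev in observed:
        record = known.get(dev["serial"])
        if record is None:
            report["unauthorized"].append(dev["serial"])  # block until approved
            continue
        if dev["ip"] != record["ip"]:
            report["ip_changed"].append(dev["serial"])
        floor = min_versions.get(record["device_type"])
        if floor and parse_version(dev["os_version"]) < parse_version(floor):
            report["outdated_os"].append(dev["serial"])
    return report


def reconcile_software(approved, installed) -> dict:
    """Flag software that is not approved at all, or approved but below its patch floor."""
    report = {"unapproved": [], "outdated": []}
    for item in installed:
        floor = approved.get(item["name"])
        if floor is None:
            report["unapproved"].append((item["host"], item["name"]))
        elif parse_version(item["version"]) < parse_version(floor):
            report["outdated"].append((item["host"], item["name"], item["version"]))
    return report


if __name__ == "__main__":
    print(reconcile_devices(AUTHORIZED_DEVICES, OBSERVED_DEVICES, MIN_OS_VERSION))
    print(reconcile_software(APPROVED_SOFTWARE, INSTALLED_SOFTWARE))
```

Run on the sample data, the device report flags LT-9999 as unauthorized, VOIP-0012 as missing, and LT-0042 as running an OS behind the patch floor; the software report flags the torrent client as unapproved and the browser on LT-0042 as outdated. The "missing" list matters as much as the "unauthorized" one: a device that disappears from the network may be the lost or stolen device the policy section says employees must report.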
All Cybersecurity Frontline Solutions Should Still Be in Place
Even though you may have thoroughly trained each one of your employees, mistakes and errors still may happen. This is why it is important to keep current and up-to-date firewall systems, antivirus, anti-malware, and authentication systems in place. If your business does have the misfortune of a hacker gaining access through human error, you want to make sure you still have measures in place to stop them or at least slow them down.
Continuously Assess Your Vulnerability
Since hackers are always looking for weaknesses to exploit, you need to be vigilant about continuing to learn about, assess, and act on new threats. By doing this, you can identify your vulnerabilities, remediate them when necessary, and minimize the risk to your business.