How’s your cybersecurity IQ? What organizations need to know.
May 08, 2022
By: Mark Scholl and Thomas J. Loring, Wipfli LLP, Risk Advisory and Forensic Services
How prepared is your organization amid the rising threat of cyberattacks? The COVID-19 pandemic and, most recently, the Ukraine crisis have amplified the risks — and elevated awareness.
Increasing your defenses and resiliency from nefarious and costly efforts requires your team to be on high alert. But the reality is that not every organization is optimizing the training and software tools necessary to improve their security.
Before you take measures to boost your protection, it’s helpful to understand common practices that could put your organization at risk:
Business email compromise
An estimated 91% of cyberattacks start with email. And even the best spam filters are far from perfect. Malicious email, with spoofed sender credentials or seemingly legitimate attachment or web links, can easily ensnare your employees or customers. People caught off guard can act precipitously because of the false urgency or deadline conveyed by these messages. Organizations that commonly send wire transfers are particularly enticing targets for hackers.
When bad actors send emails intended to mislead recipients, be sure your employees know to verify the identity of the sender of message when asking for a change of account info or change of instructions for wire transfer. A phone call to the sender at a confirmed number from the sending entity is the best way to check the authenticity. It’s also critical to advise your customers phone the sender when they receive such requests for payment.
Rogue systems or software
When employees download applications and other software that are not supported or approved by your organization, you are opening up your organization to risk. For example, unauthorized cloud storage like Google Drive or DropBox can be a problem because your critical data is being uploaded to a place outside of the organization’s control and may not be sufficiently protected.
Unauthorized flash drive use
Use of these seemingly innocuous devices could increase your organization’s vulnerabilities if data is obtained by unauthorized actors.
Evolving ransomware schemes
These attacks continue to evolve and are getting more sophisticated. When malicious code shows up on your computers, you’re required to pay money to regain access to your network and data. The latest twist is criminals threatening to leak it (and not just hold it hostage) if you don’t pay up. If your network is backed up as it should be, that can help, but many find the backups are not complete and the disruptions to business are significant.
Ransomware attacks from Russia and other countries are on the upswing, and although these attacks are not necessarily sponsored by the government, they’re likely protected by the government. The criminal organizations behind them can extort a lot of money, as officials in their home countries tend to look the other way regarding such activities
So how do you avoid becoming the low-hanging fruit for cybercriminals? Keep these steps in mind.
1. Hold ongoing training and readiness testing
A coordinated, and regularly updated, training effort for your employees throughout your organization is necessary, as they are the frontlines of your organization’s defense against cyberattacks. Tabletop conversations as well as an inventory of your cybersecurity tools are essential. You need to be monitoring systems for installations of unauthorized or unlicensed software or else you open yourself up to a range of legal risks, including cybercrime.
2. Perform network segmentation
You don’t want all of your organization’s data in one place because that makes it easier for cyber attackers to get access to it. Keeping it separated will reduce the impact of an attack if your organization’s data is compromised.
3. Be aware of DDoS
Talk with your internet service provider about the measures they’re taking to reduce the risks of distributed denial of service attacks. On your end, you should be carefully monitoring and analyzing network traffic to be on guard for suspicious activity.
4. Perform a software and hardware inventory
Be sure you know what your organization is using. If you don’t know what you have, you can’t protect it.
5. Increase your perimeter defense
It used to be simpler to monitor data. But because of multi-cloud operations and data stored in different places that your organization accesses, it’s more complex to track. The firewall protection you have is critical, so make sure it’s configured correctly for your organization.
6. Check your incident response plans
If a data breach does occur, you need a tested strategy to deal with it. Check your backup and recovery plans. Backup systems should be physically separated from networks. Having a copy of your organization’s data that’s offline and inaccessible to hackers has become an industry best practice and will reduce the risk of a ransomware attack.
7. Use strong authentication
Awareness is growing about using complex passwords and multifactor authentication. And new authentication methods are an important risk management tool. Biometric techniques are on the rise, with retina scans already being adopted in some places. Exploration is also underway in the use of fingernail bed images in identity screening. But the main point to remember is that passwords alone are not enough anymore to provide access to networks. It’s important to prove who are you are as the risks from cyberthreats grow more frequent and severe.
8. Encrypt sensitive data
Encryption will keep data from being accessed if a device falls into the wrong hands. With more remote employees, there’s a greater chance of computers getting lost or stolen, so encryption is a critical security prevention step.
How Wipfli can help
Many organizations have knowledge gaps and ineffective tools for combatting cyber threats. Wipfli’s cybersecurity team provides a wide range of services that address the varied and complex needs of organizations.
From risk assessments and IT control reviews to cloud security and vulnerability testing, our experienced professionals identify areas you need to shore up and help you implement new practices where needed. Our cybersecurity team has the latest knowledge that can help you keep you ahead of the latest risks.
Want to learn more? Stay on top of the latest cybersecurity threats and recommendations through Wipfli Security Weekly emails. To reach out to Wipfli for questions or additional assistance, click here.
