Julian Soriano, Head of Information Systems Security at Box, a leader in Content Cloud, assesses the essential tools and procedures that must be put in place to secure work environments and enable all employees to participate in the fight against cyberattacks in 2023.
It answers the following questions: Project outsourcing, remote working, multiplying access points, innovation, and new cyberattack technologies: How can companies arm themselves against potential threats? how the CTO And International Olympic Committee Can they achieve a safe and user-friendly work environment for all employees while meeting their growth goals?
In 2022, 9 out of 10 businesses have been targeted by cybercriminals¹. In the face of renewed attacks, countries are taking concrete action: releasing budgets, strengthening international cooperation, and putting in place new regulations. Companies understand the importance of enhancing the security of their environment. Especially in the context of the hybridization of work leading to attack risks: 79% of companies are aware that remote working has had a negative impact on their security systems, and the risks may come from employees or external partners². Ironically, they were only going to plan to increase the budget by 10% for this.
Tip 1: Protecting from Social Engineering and Insider Threats: A Layered Approach
With the current waves of layoffs at many tech companies, insider threats could increase exponentially this year. They can create a flood of disgruntled employees who can hurt the business of their previous employers. Former employees with access to sensitive data and/or critical knowledge of the environment could cause irreversible damage.
Social engineering and insider threats are well-defined malicious acts, however, there is no magic bullet to protect organizations from these attacks. However, security strategies must be an integral part of the organization’s architecture and design principles (rather than an afterthought) and consist of various complementary defense mechanisms, from people to technology tools. For example:
- implementation a MFA method FIDO 2.0 is robust and works with hardware switches to reduce exposure to “MFA fatigue” exploits.
- Enforce a comprehensive trust policy for devices with extended security tools for end-user devices to complement the MFA.
- consider it RBAC (Role Based Access Control) f CBAC (context-based access control) as part of your authorization mechanisms. Assign roles and privileges based on employee roles, access needs (privileges, system, etc.) and ensure a good fit between employee roles and responsibilities and the need for them to access critical data to perform their jobs.
- Include and improve behavioral detection mechanisms for reporting and investigating suspicious or unusual activity, such as logging the same user into multiple sessions from different locations or systems.
- Build a detailed training awareness program for employees, based on their role and the data they have access to – then test their awareness of engagement and reward techniques to allow them to learn from their mistakes.
- Build the least privileged access and zero trust models into your enterprise security architecture, assigning the least access and permissions necessary to perform specific tasks.
Tip #2: Adapt to threats: rely on automation and artificial intelligence
Businesses shouldn’t just rely on humans and manual processes when it comes to security: AI has come a long way in recent years. Both AI analyzes a staggering amount of signals, which would be impossible for a human to handle, and can identify unknown threats or malicious activities to prevent their spread in near real time. In this way, the defense not only keeps up the pace, but can also be proactively protective to reduce the risk of attacks.
Many tools can predict and help anticipate future threats: when types of attacks are most likely, or which employees and teams are most at risk. In addition, they make it possible to automate manual controls and repetitive processes such as security policies, thus relieving responsible teams who are already under a lot of pressure.
Tip 3: Exposure to hazards is part of everyday life: Prepare for emergencies with the “red team”.
Security experts must educate all of their employees. The best way to do this is to simulate real threats. For this, we use the so-called “red team”, who act like real cyber criminals. In doing so, they must reveal themselves as late as possible to save appearances. the red team Not only does it help test employees’ security awareness, but it also helps the security teams themselves detect, respond to, and contain potential crisis without exposing organizations to real threats.
But even without red teams, drills should be conducted regularly in companies for training purposes, to gauge how teams react during a security breach. The goal is to use this feedback to improve incident response procedures and to strengthen the reactions teams should adopt when risks arise (simulating social engineering, phishing, etc.)
Conclusion :
The current global economic and political situation has not made it easy for cybersecurity teams to operate in 2022. And to be completely realistic: the situation is unlikely to subside this year. That’s why it’s so important for companies of all sizes and in all sectors to be proactive and use industry standards for security (NIST, AAA, FIDO 2.0, etc.), as well as Red Teams and AI-based tools to help quickly identify threats, even at a point in time. early. However, security tools and methods are always evolving and sometimes overlapping. Here, the important thing is to build a security strategy with the technological processes that will allow companies to implement the most effective security strategies in the best possible way. It is also essential to engage the teams, to make them aware of the importance of security within the organisation, to show that they are at the heart of the company and vital to its sustainability. Safety should never be an afterthought and should be a priority for all employees. In the end, security can only be effective and successful if it is seen as an enabler for companies moving forward.
¹ Dell Technologies Survey: Global Data Protection Index 2022
² Kaspersky IT Security Economics report
³ Verizon 2022 Report
<< اقرأ أيضًا: الأمن السيبراني ومجالس الإدارة: نحو قوة حقيقية للمراقبة >>>
