The COVID-19 pandemic has increased the degree of exposure to the danger of cyberattacks. The advent of the cloud and the fact that many companies around the world have needed to implement remote work has raised the risk and called security into question.
We have seen a growing adoption of cloud delivery model-based services such as Infrastructure as a Service (IaaS),Platform as a Service (PaaS) or Software as a Service (SaaS). This, coupled with the fact that so many employees are working from home, often using the personal or family computer, has increased the risk and hinders the maintenance of cybersecurity policies.
Today, IT security experts are unanimous in stating that any company can suffer a cyberattack. The question ceased to be like,and it happened to be when.
Cyberattack: The weakest links are people
When an employee performs his or her duties in the company, there is a certain degree of protection in the devices he uses, because they connect to the company’s network. We can say that, at least to some extent, there will be enforcement of safety rules within organizations.
In the transition to remote work, these organizational security rules and policies should ensure an equivalent level of protection, but it is not so. For this reason, attackers can more easily access employee data and then use that identity to enter the company’s systems.
With the proliferation of remote work and the increasing use of cloud services,the notion of security perimeter has been lost. Critical business information is spread across various sites, media and formats.
Through employee access data, or by entering directly into less protected sites, attackers increasingly reach sensitive data.
As complex as the layers of security implemented in each organization are, it often takes a post-it with an annotated password in plain sight to throw it all away.
Sophistication of Cyberattacks
Attacks on the servers, applications, websites and neuralgic components of companies happen with increasing frequency. A good part of them are based on a ransomware model:
During this period it is common for the company to be prevented from operating. In cases where it becomes public that that organization has been the target of a cyberattack, the consequences on the image and trust of the company can be irreparable.
This type of attack has been growing, not only in quantity but also in sophistication.
There are more and more forms of silent attack. Cyberterrorists infiltrate the systems of companies without giving immediate signs of their presence and collect information. Sometimes it can pass more than a year between the security breach that allowed access and the ransom demand.
Thus, it is essential to work multiple layers of protection:
- Secure networks and more protected websites;
- Protection of devices through antivirus and anti-malware systems;
- Increased safety on key user equipment.
As much as protection is, there will always be a risk that human factors could compromise safety. In fact, these access points are usually the most fragile. Recent studies show that 84% of cyberattacks use social engineering. Source: ENISA Threat Landscape 2020 – Main Incidents
The proliferation of Social Networks has led to an increase in individual exposure of each person on these platforms. Cyberterrorists use this data to get to confidential information from individuals or companies where they work.
The Last Line of Defense
Your company’s had a cyberattack, what now? To what extent does the payment of a onerous redemption guarantee you a recovery of data and information in complete integrity? What guarantees do you have that you will not suffer a similar attack again in a short time?
EAvoiding all risks at all times is not possible, but maintaining a final layer of protection, something that works as a last line of defense can make a difference.
This solution involves maintaining backups (protected themselves from malware to ensure their integrity). This precious information needs to be kept in complete safety.
Defense Strategies of the Last Line of Defense
To ensure a solution that allows you to re-establish information in the event of everything else failing, there are a number of measures that need to be taken:
- Ensure that the information is properly protected and encrypted with keys accessible only to the organization;
- Use sensitive data encryption mechanisms, protecting them in the event of security failures;
- Ensure that the backup system,the last line of defence, is properly isolated, i.e. separate from production infrastructure and usually offline so as not to be susceptible to attack;
- Keep levels of protection ensured by other policies and technologies always high and properly updated (such as secure websites, antivirus andanti-malwareprotection, firewalls,VPNs and others).
These prevention measures will allow to restore the information without paying ransom and without having the case exposed in public opinion, which could degrade the image of the company
2020 reports show that the annual cost of cybersecurity incidents caused by internal threats exceeds €11 million. Additionally, 40% of the organizations surveyed feel vulnerable to the exposure of confidential information. Source: ENISA Threat Landscape 2020 – Insider Threat
Cybersecurity: Being prepared is being protected
Nothing is foolproof in IT, but good levels of protection can be created. The larger and more complex these layers of security, the more laborious a possible cyberattack will be, which can help decant that intent.
A cyberattack can target and compromise the availability, confidentiality, and integrity of an organization’s data.
Encryption mechanisms are useful to help “hide” critical information in case of misuse. At the same time, an efficient backupsystem, primarily protecting the production systems and equipment of key users of each organization, results in an extra level of security.
As defense solutions evolve, new means of attack always emerge, which leave systems vulnerable again. Thus, it is crucial to create this final security barrier and face it with the importance of a “praetorian guard” who, if necessary, will be transformed into the last line of defense.