Node4's Middle-Market IT Priorities Report showed this. 32% of IT decision-makers stated that improving and strengthening IT security is their top priority for 2022. Remote working was also highlighted in the report. More than three-quarters (78%) of respondents stated that they need to improve security across collaboration tools as well as manage potential vulnerabilities.
They are not alone in their worries. Many employees worked in offices before COVID. They were able to work within a secure network and were office-based. The death knell of the 9-to-5 office-based routine was sounded by the introduction of legislation that required employers to allow homework where possible. This marked a major shift in the way remote workers were secured.
Some organizations were moving to a cloud-based, zero-trust infrastructure that would allow for secure remote work. However, many businesses weren't in that position. This meant that they were creating security vulnerabilities by introducing new IT systems and applications faster than they wanted.
Russia: Should We Worry?
Although initial fears were skewed against it, cyberattacks by Russia on UK targets have declined since the outbreak of war in Ukraine. Cybercriminals in the region may be feeling the effects of the conflict, as everyone else.
It is also possible that Russian cybercriminals, who may have targeted UK organizations, are now focusing their efforts on Ukrainian government websites and other pro-Ukrainian groups. It's possible that cybercriminals are also being hindered by sanctions against Russia.
However, that doesn't mean that we should lose sight of the prize. While Russian cybercriminals might be engaged in other activities right now, once the conflict is over they will want to get back at business.
Not only are we hyper-vigilant about Russian hacker attacks, but other hotspots such as Brazil, Nigeria, and China are also active. We have data showing that the total number of cyberattacks in Europe has increased by 18% over the course of the conflict. This is a clear indication that criminals are trying to profit from the fear, uncertainty, and confusion caused by the conflict.
How can I Protect Myself and My Organization From Cybercriminals?
Cybercriminals have many ways to attack businesses. One of the most efficient methods is to use phishing emails as a means of delivering ransomware, exploiting software vulnerabilities, and compromising weak credentials. There is no single solution that will protect you from all these types of attacks. Organizations need to develop a strong arsenal and layer of security solutions.
These are some options:
1. Endpoint Detection and Response
Any device that connects with an IT network, such as a smartphone, tablet, computer, laptop or PC (or even a printer), is called an endpoint. While endpoints are legitimately used to connect employees to the network, and each other, they can also be used by cybercriminals to gain unauthorized access.
Endpoint risks vary depending on the number of applications that they use. Each application could also be a gateway for cybercriminals. These doorways can be more vulnerable if they are not in an IT environment. Even a small company can have thousands of vulnerabilities.
If you haven’t done so already, it is worth looking into Endpoint Detection and Response solutions. These solutions monitor endpoint behavior and use analytics to identify suspicious or malicious activity. These solutions are more proactive than traditional endpoint security, which relies on downloading signatures to protect.
2. Management of Vulnerability
Make sure every asset in your company has the most current operating system. Also, ensure that all software is up-to-date. Software companies no longer support older products, which can increase device vulnerability. Automating your patch management is an option that you should consider, so employees won't have to do it manually.
3. Mobile Application Management
Multi-factor authentication is required for apps like Outlook and Office 365 that are used on mobile phones, computers, laptops, or tablets. This ensures that data access can be controlled even when employees use their own devices.
4. Virtual Chief Information Security Officer (VCISO).
For smaller companies, it might be beneficial to hire a virtual CISO that can only work a few days per month. They can help with the aftermath of an attack and run cyberattack simulations. This is a cost-effective way for a company to have an individual who can provide a comprehensive view of IT security, as well as the ability to draw on experience from other organizations.
5. Security Posture Assessment (SPA).
A specialist IT service provider can be hired to manage a SPA. This will help to lay the foundation for a more integrated, long-term approach toward IT security.
6. Training for Staff
IT departments play an important role in helping employees increase cybersecurity awareness. They encourage employees to be more cautious about suspicious emails and make them aware of common attack vectors. This is crucial as phishing and other social engineering scams rely on human vulnerability to gain unauthorized network access.
As part of a comprehensive ethics hacking initiative, some organizations consider it practical to create a social engineering fraud. This can help staff to be educated - by highlighting the reasons they may have fallen for it and how to prevent it from happening in real life.
It is clear that corporate IT networks have been exposed by the rapid adoption of collaboration tools, and the introduction of remote working during the pandemic. This is especially true for companies that do not use a cloud-based security approach.
Even those companies that have adopted cloud technology, such as better identity access management, data encryption, and mobile device management, should be vigilant. The functionality may be available, but that doesn't necessarily mean it has been activated correctly or is being maintained properly.
Ransomware attacks can be a lucrative global business. Cybercriminals will not give up and continue to find new, innovative ways to launch attacks. Even if the Russian-instigated cybersecurity threat doesn't materialize, it's still important to be vigilant. Independent data indicates a 16% rise in cyber-attacks worldwide during the war. No one wants to be the next victim of cyber-attacks, regardless of where they originate. You must ensure that you are doing all you can to protect your organization and yourself.