A Thorough Cybersecurity Strategy Begins with Knowing What You Are up Against
November 13, 2017
Since many modern businesses rely on technology, it becomes mandatory that they know how to best protect themselves against the myriad of threats that can be found online. Knowing what kind of threats that you may encounter is crucial in devising a thorough cybersecurity strategy.Active Threat Identification & Remediation Steps – the company will receive notifications of new relevant active threats identified by US-CERT, FBI’s InfraGard network, and FDIC for financial institutions.
Cybersecurity Assessment Tool (CAT) – CalTech will provide answers and information for items covered by CalTech services and/or our security baselines.
Policy & Procedures Guidance – CalTech will review the customer’s policies and procedures and provide updated policies for items the company subscribes to.
End User Training/Phishing Test – CalTech recognizes the most effective method to secure the company is through an educated workforce. This service will provide regular phishing tests and online cybersecurity training for the company’s employees. These tests will include reports to help gauge the company’s risk and better target employee training.
Security Information and Event Management (SIEM) – This solution will correlate events from critical systems and provide alerts in real-time of events that require attention. Events will be stored for 90 days in a central repository. Critical systems include firewalls, Windows servers, and routers. The SIEM system utilizes active and regularly updated threat feeds to maximize the company’s security posture.
Internal Vulnerability Scans – The Cyber Defense Program will provide quarterly internal vulnerability scans. These scans against the internal network will help the company and CalTech to identify system weaknesses. Scans will include vulnerabilities in missing patches, vulnerable software versions, missing/outdated antivirus and improper security configurations.
According to Cybersecurity Venture’s 2016 Cybercrime Report, the future of cybercrime is extraordinarily prosperous; costing businesses what is estimated to be over $6 trillion annually by 2021. Attacks today are 35 times more likely than they were only last year, and with almost two businesses-per-minute falling victim to a cyberattack, some companies have begun to implement changes that have cybersecurity professionals talking.
What Risks are Currently Out There?
If you keep an eye on our blog at all, you know that the most dangerous single threat to any organization’s network security strategy is the mistakes their employees can make. This is not to say that employees are deliberately sabotaging your organization’s networks, but if you were to examine the vast majority of security breaches on business networks, they would start with a social engineering or phishing attack that takes advantage of employee negligence. The mistakes employees make can let devastating malware onto your business’ network and can cause major operational problems. Some of the threats unknowing employees may let onto your network include:
Ransomware - The U.S. Computer Emergency Readiness Team (US-CERT) reported that there were 4,000 daily ransomware attacks in 2016. That number continues to climb. While ransomware defenses have improved substantially over the past couple of years, today’s ransomware is widely available and being utilized to lock out users from their network and files. There is now mobile ransomware that does the same to smartphone users. Additionally, ransomworms have been developed that are, like other malware worms, self-replicating. This means that by getting infected with a ransomworm attack, any user that is compromised will automatically identify the user’s contacts and send each one an email.
Cybercime Syndicates - The hacker that most of us have in our mind’s eye--the brooding, out-of-work software engineer--still exists, but today, the lone-wolf hacker isn’t nearly as scary (or as dangerous) as syndicated hacking groups. Hacking syndicates aren’t just underground groups of angry millennials; they are large corporate-like entities that are set up for one purpose: to hack. There’s not much a small business can do against a mid-market size company looking to infiltrate the smaller business’ network.
Botnets - A botnet is a series of zombie computers that are controlled through a remote connection. Since the typical botnet consists of hundreds or thousands of infected computers, it allows hackers to gain leverage over any network by using it for a Distributed Denial of Service attack (DDoS). The sheer amount of computing strength that is available with a botnet allows hackers to target one single network, and inevitably take it down. While past botnets had to be cultivated, today a botnet can be purchased on the dark web the same way you would buy a pack of gum at a convenience store. This presents a lot of problems for IT administrators who are looking to keep threat actors out of their company’s networks.
There are plenty more threats than we have listed. From mercenaries who just make and distribute malware through seemingly innocuous applications, to jaded former employees or hacktivists out to “get even,” there are many entities out there on the open web looking to break into your network and take data that they may or may not be able to use. To protect yourself, consider partnering with the IT professionals at CalTech. With our professional technicians proactively protecting your organization’s network, you can gain the peace of mind you need to focus on your business, not on the threats that could be lying in wait for you to make a mistake.
CalTech’s Cyber Defense Program (CDP)
Defense against cybercrime today takes more than just routinely scanning computers for viruses. CalTech has developed a comprehensive system of processes, called the Cyber Defense Program, to give your business the most thorough and cost-effective set of tools to combat the plethora of threats to your business systems. The Cyber Defense Program includes not only optimum threat-fighting tools, but also advanced warning systems for notification of attempted attacks, education of key business personnel about potential user behavioral issues, and regular review of incident reports with management.
Here are the key features of CDP:
Email us today at firstname.lastname@example.org to find out more about how we do network security.