With the risks posed by cyber threats higher than ever, all companies need to review their security strategies and ask if they are really doing enough to stop themselves becoming the next brand to hit the headlines for all the wrong reasons.
These days, stopping a data breach is a complex, challenging process. Techniques used by hackers are evolving all the time, security professionals are engaged in a constant arms race, and there's no single silver bullet that will give them the edge. Therefore, having layers of security that protect a company's network at every level is essential.
But what do you need to ensure your layered protection strategy is effective? Here are six essential features and tools no business can afford to be without.
Unpatched systems and applications are often among the biggest holes in any business' network. According to figures from Fortinet, some 90 percent of hacking attacks in 2017 were achieved using known vulnerabilities that were at least three years old and could have been avoided if the targets had effectively updated their systems.
This is a basic precaution for any IT manager, and it's fairly simple to automate with scripting tools, or more sophisticated dedicated tools that can take the hassle out of patching by downloading, testing and installing patches from multiple software vendors without the need for manual intervention.
Antivirus tools are another basic defense that no business should be without. Some people may believe that in today's world of sophisticated hacking tactics, these traditional defenses have become obsolete, but this is far from true.
While antivirus alone is no longer an effective way to stop all attacks, it's still an important first line of defense that blocks many of the everyday threats firms are exposed to. Today's solutions are more advanced than ever, and are able to detect unknown viruses and Trojan software. A huge number of attacks still use malware as an entry point into enterprise networks, so antivirus software is not optional.
Network security tools can cover a wide range of tools to protect your network within its perimeter. For example, access control tools and monitoring ensure that only the relevant personnel should be able to view key files, and can send alerts when anyone attempts to access them.
Intrusion detection software also has an important role to play. Many of today's sophisticated hacking techniques can lie undetected within networks for months, stealthily gathering information, so being able to spot any unusual activity can prevent costly breaches before they have a chance to do damage.
Web and email protection
The internet is still a key line of attack for many hackers, so you need specific protections in place to defend against it. According to Verizon, more than half of malware infections (54 percent) come via web interactions, so web protection services that receive regular updates of domain names and IP addresses associated with malicious behavior and can be used to block visits from corporate networks, are another vital layer of your defenses.
Similarly, email remains a common choice for delivering malware. Enticing employees to click on suspicious links sent within emails, or downloading malware-ridden attachments remain tried and tested methods of gaining access to a company. To defeat these attacks, ensure your email security is up to date, and your employees are educated about common methods such as phishing.
Effective backup solutions are a critical last line of defense against attacks that are designed to destroy applications or databases, block access to data or involve physical theft. They can't protect against every attack, but with more companies facing emerging threats such as ransomware, the value of regular backups cannot be underestimated.
Indeed, figures from Code42 reveal that 73 percent of chief information security officers have taken to stockpiling cryptocurrency in order to pay cybercriminals, and of those, 79 percent have paid a ransom in order to recover data. Therefore, if a company is able to revert to up-to-date backups, it can save a lot of money, as well as get companies back up-and-running much faster.
All the above layers must be backed up by effective risk management skills. This means not only knowing what protection to put in place and which parts of the business are most vulnerable, but also having a clear plan in place for what to do should the worst happen and you discover a breach.
The National Cyber Security Alliance details three key parts of good risk management; prevention, resolution, and restitution. If you're only focused on the first of these, you'll be left unprepared in the event of an attack. Absolute security is an impossible goal, so having contingency plans is a must-have to minimize the damage, both in terms of financial losses and your firm's reputation.