6 Biggest Cyber Security Risks and How You Can Fight Back
Download as PPTX, PDF0 likes888 views
The document outlines six significant security risks businesses face, including threats from disgruntled and careless employees, mobile security breaches, cloud application vulnerabilities, unpatched devices, and risks posed by third-party service providers. Solutions include training staff, enforcing strict password policies, implementing mobile and cloud security measures, and maintaining an up-to-date patch management program. The document emphasizes the importance of conducting a risk assessment to protect sensitive data and mitigate the impact of potential breaches.
6 Biggest Cyber Security Risks and How You Can Fight Back
- 1. 6 Biggest Security Risks and How to Thwart Them
- 2. With 2014 being noted as “The Year of the Breach,” many businesses are still unprepared or not properly protected from numerous security threats. So what can your business do to help keep sensitive data safe? Check out the following slideshow to learn how to protect yourself and your business from threats.
- 4. What’s The Solution? Step 1: Identify all privileged accounts and credentials & immediately terminate those that are no longer in use or are connected to employees that are no longer at the company. Step 2: Closely monitor, control, and manage privileged credentials to prevent exploitation in the future. Step 3: Implement necessary protocols and infrastructure to track, log, and record privileged account activity [and create alerts) to allow for a quick response to malicious activity and alleviate potential damage as early as possible.
- 5. 2. Ignorant or Careless Employees Employees who are not properly trained in security best practices and have weak passwords, visit unauthorized websites, and/or click on links in suspicious emails or open email attachments pose an enormous security threat to their employers’ systems and data.
- 6. What’s The Solution? • Train employees to learn how to manage passwords and avoid hacking through criminal activity. • Provide ongoing support to make sure employees have the resources they need to continue to keep your business secure. • Make sure your employees use strong passwords with letters, numbers, symbols, upper and lowercase. • Ensure employees use a separate password for each site and change them every month or two. Use a password management system to facilitate this process. • Have your IT department deploy validated encryption • Implement multifactor authentication such as One Time Password (OTP), RFID, smart card, fingerprint reader or retina scanner to ensure the user is who they claim to be
- 7. 3. Mobile security breaches have affected 68 % of global organizations in the last 12 months.
- 8. What’s The Solution? • Create a carefully spelled-out BYOD policy • Implement mobile security solutions that protect both corporate data and access to corporate systems while also respecting user’s privacy • Look to hybrid and private clouds for mitigating potential risks
- 9. 4. Cloud Applications The cloud - by definition - is more insecure than storing data on premises. When you don't own the network, it's open to the rest of the world, and you don't control the layers of the stack.
- 10. What’s The Solution? The best is to guard at the data level using strong encryption, such as AES 256-bit, recognized by experts as the crypto gold standard and retain the keys exclusively to prevent any third party from accessing the data even if it resides on a public cloud.
- 11. 5. Unpatched or Unpatchable Devices These are network devices, such as routers, servers, printers, etc. that employ software or firmware in their operation, yet either a patch for a vulnerability in them was not yet created or sent, or their hardware was not designed to be updated following the discovery of vulnerabilities
- 12. Institute a patch management program to ensure that devices, and software, are kept up to date at all times. What’s The Solution?
- 13. 6. Third-party Service Providers Many of the high profile and extremely expensive breaches of the past year (think Home Depot, Target, etc.) were due to contractor’s login credentials being stolen.
- 14. What’s The Solution? Companies need to validate that any third party follows remote access security best practices, such as enforcing multifactor authentication, requiring unique credentials for each user, setting least-privilege permissions and capturing a comprehensive audit trail of all remote access activity
- 15. Although it is impossible to have perfect cyber security, you can minimize the impact of a security breach and leak by conducting a risk assessment to identify where your valuable data resides and what controls or procedures are in place to protect it. How secure is your infrastructure? Sign up for MTG’s Free Network Consultation today to find out! www.247TECH.com