To meet the challenges of 2021 and beyond, CEOs need to bring clarity to their cybersecurity needs, and this will involve challenging their IT Teams to prove they are in full control of their infrastructure.
- How do you bring clarity to something that is not within your realm of expertise?
- Can you trust information you receive from an IT Team that is unclear about what it should be focused on?
Enticed by vendor pitches promising products that block all new threats as they appear on the landscape and ensure a ransomware attack will be avoided (all without any assessment of your existing infrastructure to identify exactly where you are vulnerable), companies end up buying one solution after another without any plan.
In the process, IT Teams may end up with a tangled mess of products and services that don’t work together, or technologies that staff don’t know how to use effectively.
There is also the issue of “Alarm Fatigue”: when products promise to prevent a breach, they tend to identify any blip on the network as a potential threat and raise an alarm just in case.
PwC’s 2021 Global Digital Trust Insights survey shows that 53% of IT / Cybersecurity team executives aren’t sure that their company’s cyber spending really addresses the risks the company faces and uses solid data as a basis for setting priorities.
This suggests confusion within the IT Team that leads to a situation akin to “Silent Cyber” within the insurance industry. In other words, the IT Team is uncertain of what exactly it should be doing but knows the C-Suite thinks they are doing everything.
Or to put it another way, both sides hope nothing goes wrong but if it does the C-Suite will say they assumed the IT Team had things covered.
The reality for companies today is that there is no longer a perimeter to protect. With remote working becoming the norm and BYOD stretching digital boundaries to their very limits, good security is significantly tougher to achieve.
Complexity is the enemy of security: everything you do to keep things simple makes the company more secure. What’s most important are the three Ps:
All equipment needs to be regularly updated and patched, you need to determine who has access to what (track access and implement password-protection) and ensure your password policies are best practice.
As a CEO, you can work through this quiz to understand where your company stands in terms of its cybersecurity level.
- How many Domain or Enterprise Administrator accounts are in your infrastructure?
- Will your Administrators be able to distinguish their own actions from the actions of hackers, if their own accounts are compromised?
- Do Administrators use their highly privileged accounts solely for the tasks for which they were created, or do they allow themselves violations (reading mail, installing free software, unnecessarily accessing other hosts on the network)?
- How many active GUEST accounts do you have in your infrastructure?
- How many active local Administrator accounts do you have in your infrastructure using an unrestricted password?
- How many active Local Administrator accounts do you have in your infrastructure using the same password?
- How many active Local Administrator accounts do you have in your infrastructure that do not have any password requirements?
- How many active accounts are included in the Administrators group in your infrastructure?
- Have all users proven themselves to be trustworthy/responsible employees or are there active accounts for users that have displayed risky behaviour in the past?
- How many hosts are actively using software with remote access capabilities? (TeamViewer, LogMeIn)
- Are anti-virus tools installed, working, and updated on all hosts and servers?
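An IT Team can answer several of the account questions above with a read-only inventory. The following is an added example, not part of the original article; it assumes a domain-joined Windows host with the RSAT ActiveDirectory module and read access to the directory, and it covers only the questions about privileged groups, Guest accounts and password requirements.

```powershell
# Read-only inventory for some of the quiz questions (added example).
# Assumptions: RSAT ActiveDirectory module installed, domain read access.
Import-Module ActiveDirectory

# Domain / Enterprise Administrator accounts, with nested groups expanded.
# 'Enterprise Admins' exists only in the forest root domain, so a failed
# lookup from a child domain is skipped instead of aborting the run.
$privileged = foreach ($group in 'Domain Admins', 'Enterprise Admins', 'Administrators') {
    Get-ADGroupMember -Identity $group -Recursive -ErrorAction SilentlyContinue |
        Where-Object objectClass -eq 'user' |
        Select-Object @{ Name = 'Group'; Expression = { $group } }, SamAccountName
}
$privileged | Group-Object Group | Select-Object Name, Count

# Active Guest account, matched on the well-known RID 501 so that a
# renamed Guest account is still found.
Get-ADUser -Filter 'Enabled -eq $true' |
    Where-Object { $_.SID.Value -like '*-501' } |
    Select-Object SamAccountName, Enabled

# Active domain accounts that have no password requirement.
Get-ADUser -Filter 'Enabled -eq $true -and PasswordNotRequired -eq $true' |
    Select-Object SamAccountName, DistinguishedName

# Local accounts on this host: which are active, and which of them
# are exempt from having a password or never have it expire.
Get-LocalUser |
    Where-Object Enabled |
    Select-Object Name, SID, PasswordRequired, PasswordExpires, PasswordLastSet

# Members of the local Administrators group, addressed by its well-known
# SID (S-1-5-32-544) so the query also works on non-English systems.
Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource
```

The local-account queries describe only the machine they run on, so they need to be collected from every host to answer the questions for the whole infrastructure. Whether local Administrator accounts share the same password cannot be read from these properties.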
IT Teams may highlight how they have implemented two-factor authentication (2FA) and network segmentation, and these are good approaches to reduce the probability of a successful attack.
But infrastructure is much more complicated and deploying these solutions alone will not stop your network from being breached.
Bear in mind some issues regarding 2FA:
- Third-party contractors may not have implemented the same level of security.
- Remote staff with their own devices
- Internal “service accounts” that can’t work with 2FA
- Unsupported versions of Windows OS (Windows XP for instance) that cannot be patched
Regarding network segmentation:
You can split your network into many segments that will work separately and be secure from each other, but they still need to connect to a Domain Controller, a Database, or other Servers (Document Management System, Fileserver, etc.).
If adversaries gain access to these Servers, they can avoid the network segmentation obstacle and deliver their malware by using the same tools that administrators use (Domain Policy, PsExec, DameWare, VNC etc.).
Content curated by the team of COMPUTER 2000 on the basis of marketing materials provided by our partners/vendors.