11/29/2021 | Press release | Distributed by Public on 11/29/2021 08:26
As more companies move to the cloud, network security is imperative to mitigating their risk of a data breach. According to Check Point's Cyber Security Report 2021, threat actors have recently started focusing on exploiting vulnerabilities in perimeter and remote access devices like IBM WebSphere Application Server, Oracle WebLogic, Microsoft Remote Desktop Gateway, Citrix NetScaler Gateway, and others. Their motivation? Once they gain access to these applications, they've gained access to your larger network.
By gaining access to networks, threat actors can gain the foothold necessary to perpetrate attacks across multiple systems. And no organization is too small for threat actors. In fact, the 2021 NetDiligence Cyber Claims Study reported that 98% of claims made in 2019 were from small-to-medium-sized enterprises with less than $2 billion in annual revenue.
The best way to start protecting your enterprise network from cybersecurity threats is to understand the threats in today's landscape, and then create a plan to confront them. Let's take a closer look.
There are four cybersecurity risks that every enterprise should be aware of. Namely, they need to ensure employees are using strong passwords; minimize the number of inactive accounts, devices, and software; avoid using software that's past End of Support; and shore up their approach to firewalls and antivirus. Keep reading to examine each risk in more detail.
While password security might seem like a basic concept, it is fundamental in protecting networks from unauthorized access. For example, according to the 2021 Data Breach Investigations Report, stolen credentials can be linked back to 81 percent of breaches. As on-premises and remote users often need logins to use basic business software, password security is essential to smooth business operations.
To mitigate this risk, organizations need to establish and enforce strong password policies. The password policy should require:
As a way to help enforce the password policy, organizations might want to consider providing users with a password management tool.
Additionally, enforcing multi-factor authentication (MFA) can also enhance password security. MFA requires users to incorporate at least two of the following authentication methods:
MFA makes it more difficult for threat actors to gain access to a network because the biometrics and objects are unique to the user, preventing remote threat actors from accessing the account.
Inactive accounts belong to users who are either away from work for an extended period of time or have left the organization without their accounts being deleted. Keeping track of these accounts and removing them when they are no longer necessary will reduce your organization's attack surface.
With remote access now driving business operations, devices and applications that use the network become access points that threat actors can manipulate during attacks. Inactive devices, software, and user accounts are often unmonitored, meaning that threat actors can use them without being detected.
For example, when a leading credit rating agency experienced a data breach, threat actors used a device that had been inactive for nineteen months. When the company updated the security certificate, they noticed abnormal traffic, indicating a compromise.
To mitigate the risk that threat actors will use a "zombie" device, account, or software, organizations should:
Many organizations use a network scanner to detect devices and software accessing the network. Additionally, reviewing user accounts for workforce members who recently terminated their employment is another way to limit network access risks.
Another primary network security vulnerability comes from old and outdated software. When software companies no longer provide support, it means that they no longer supply security updates. In other words, if security researchers or threat actors find a new vulnerability in old software, the company no longer releases a security patch to mitigate risk.
To mitigate the risk that threat actors will leverage known vulnerabilities in End of Life (EoL) or End of Support (EoS) software, organizations should:
Firewall configurations can be both a security control and a weakness. Appropriately configured firewalls only allow approved connections to an organization's network. Organizations usually use allow and deny rules, which approve trusted IP addresses and deny all others. Since every device or source has its own IP address, firewall rules and configurations mitigate risk by denying access to unknown devices or sources.
Misconfigured firewalls, however, can let in unknown devices or sources. For example, one US city experienced a data breach because threat actors were able to scan the network for firewall misconfigurations that allowed them to deliver ransomware using an unknown, untrusted device. To mitigate this network risk, organizations should look for solutions like:
While EDR offers a starting point, XDR is ultimately a more robust approach to mitigating endpoint security risks. However, many organizations struggle to manage these solutions on their own.
Managed Detection and Response (MDR) offers a service solution that small and mid-sized organizations can use to enhance their security posture. With MDR, organizations can gain the benefits of XDR while outsourcing the services to reduce the burden placed on internal teams. MDR services incorporate the following:
Network security is increasingly complex, especially with remote users accessing the network. Securing networks requires full visibility into all the different access points that threat actors can use. This makes it challenging for many organizations to manage network security on their own.
However, securing your network doesn't need to be a headache. Managed Detection and Response (MDR) Services allow organizations to access cutting-edge technology solutions as well as the expertise of seasoned network security experts, without needing a full staff devoted to security. As organizations of every size continue to look for a cost-effective security solution, MDR provides them a way to mature their security without having to do all the work internally.