Two basic actions that reduce enterprise cyber risk by 60%
Earlier this year, intelligence reports related to events in Ukraine indicated an upsurge in Russian cyberattacks. As a result, U.S. President Joe Biden issued a warning and requested that organizations be more vigilant and do all they can to thwart Russian cyber-actions.
“This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my administration is reiterating those warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks,” said President Biden.
ChatGPT training built for everyone
Before the announcement, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up alert (see alert) that included mitigation guidance for anyone suffering an attack.
“The federal government can’t defend against this threat alone,” said the president. “Most of America’s critical infrastructure is owned and operated by the private sector, and critical infrastructure owners and operators must accelerate efforts to lock their digital doors. If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”
The warning followed a series of recent incidents in the U.S. and Europe. The FBI announced, for example, that a ransomware gang had breached the networks of more than 50 U.S. infrastructure organizations, including energy, nuclear, water and manufacturing facilities. In addition, more than 20 American companies working in liquefied natural gas (LNG) production suffered cyberattacks, including Chevron and Cheniere Energy. Around the same time, hackers disrupted vital oil terminals at ports in Europe. And in 2021, Colonial Pipeline was locked out of its systems by ransomware, sending gas prices soaring.
The basics: Passwords and patch management
Some may listen to such news and dire warnings and panic. But fear and panic only worsen the situation. Those who keep their own houses in order by following the basics are likely to avoid serious mishaps during these times.
According to the Incident Response Analytics Report from Kaspersky, two key actions address most cyber incidents. Stronger password policies combined with patch management can reduce the risk of cyber incidents on business by as much as 60%. Unfortunately, both are weak points in many organizations.
According to the report, “Security issues with passwords and unpatched software combine into the overwhelming majority of initial access vectors during attacks.”
Researchers also noted that a brute-force attack is by far the most common method hackers use to invade an enterprise. This tactic throws raw processing power at passwords to break them. It is often successful if relatively weak passwords are in place. “123456” and “administrator” passwords may seem comical examples, yet they are still found by hackers attempting to crack passwords. But many other easily cracked examples, such as names and dates of birth, can be breached by brute-force approaches. Strong passwords combined with multi-factor authentication (MFA) are recommended.
The report also noted that 31.5% of successful attacks take advantage of known exploits. Much of the time, the vulnerabilities utilized by adversaries are several months old. Quite a few are greater than one year old. One has even passed its tenth anniversary, yet it is still unpatched in some enterprises. Comprehensive patch management, therefore, decreases the risk of a security incident by more than 30%.
Securing systems with the basics
In light of this data, the report summarized the key actions enterprises need to take to secure their systems:
- Implement robust password policies supported by MFA, along with identity and access management. Over the past two years, password standards have moved from six to eight and now ten or more characters, including a symbol, capital letter and number (or a long, easy-to-remember password phrase). Users may grumble, but this is necessary to prevent brute-force success.
- Implement patch management to take care of OS and application updates and known vulnerabilities. Automated patch management suites can help organizations deploy patches rapidly, prioritize them based on security ratings and take the drudgery out of this function.
- Conduct comprehensive and effective third-party security awareness training programs for employees. Phishing remains an effective tactic for cybercriminals. User education is a must to lower the incidence of users clicking on links and malicious attachments.
- Implement endpoint detection and response solutions to detect and react to attacks promptly.
With nation-state cyberattacks ramping up, it’s important to shore up your organization’s cybersecurity basics. Make sure you’re not missing the low-hanging fruit before focusing on more advanced security measures.
Sources
- Statement by President Biden on our Nation’s Cybersecurity, The White House
- Incident response analyst report, Kaspersky
In this Series
- Two basic actions that reduce enterprise cyber risk by 60%
- Digital identity management: Balancing usability, security and privacy
- Why aren’t more women in cybersecurity, and how can we fix it?
- ChatGPT and the strengths and limitations of cognitive AI
- Cybersecurity automation: Tips to do it right in your organization
- Advancements in online safety: Combating cyberbullying and protecting vulnerable communities
- How small and medium businesses (SMBs) can fast-track a disaster recovery plan
- What it takes to qualify for the US Cyber Games team
- The changing role of a ransomware negotiator
- Protecting K-12 schools from cyber threats: The case of Vice Society
- A deep dive into GitHub's security strategies
- Data storage security isn't working: Here are 5 ways to improve
- Protect your data with zero-trust networks
- 3 cybersecurity automation tools that your IT department needs now
- One phishing attack could expose your entire hospitality network
- Privacy compliance and security: Are you collecting too much data?
- API security best practices: What you need to know
- Considerations when using open source to build an identity system
- Security as a service: 11 categories you should know
- The impact of open source on cybersecurity
- Cybersecurity jobs are in demand. C-level IT executives needed!
- 6 cybersecurity truisms the industry needs to rethink
- 2022 cybersecurity spending trends: Where are organizations investing?
- Will corporate support for Fast ID Online [FIDO] mean mass adoption? If so, what does that mean for security and identity?
- Twitter’s cybersecurity whistleblower: What it means for the community
- Top 5 cybersecurity questions for small businesses answered
- What Is zero-trust security, and should your business adopt it?
- What’s next in cybersecurity: Predictions from Andrew Howard
- How training employees about ransomware can mitigate cyber risk
- Today’s IT job market: Beyond fear, uncertainty and doubt
- Third-party authentication (OAuth): Good or bad for security?
- 4 key takeaways from the 2022 Verizon DBIR report
- Four examples of human error in cybersecurity — and how to fix them
- Five ethical decisions cybersecurity pros face: What would you do?
- How to become an ethical hacker: Tips from Offensive Security CEO Ning Wang
- Shaking up security awareness: How one organization is building a culture of security
- Security Culture: TikTok CISO says this trend is here to stay
- IT skills advice from IDC's IT education and certifications expert
- Managing a security awareness program: Carrots, sticks, and repeat offenders
- Reducing IT’s carbon footprint: Good for business as well as the environment
- How Booz Allen Hamilton keeps their security team secure and compliant in a hybrid world
- 5 tactics to improve cybersecurity hiring results
- Top 9 effective vulnerability management tips and tricks
- SOC integration: Creating a well-built portfolio vs. a frankenstack
- Cybersecurity hiring: Why employer and higher ed collaboration is key
- After certification: Investing in employees' cybersecurity career pathways
- Where do ransomware, cyber education and cyber insurance intersect?
- Could psychology be the key to cybersecurity awareness? Research points to yes
- How IT pros can keep their organization on the cutting edge
- Cyber talent diversity: It's time to redefine the face of security
- Cybersecurity and Windows 11: What you need to know
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
Industry insights
Digital identity management: Balancing usability, security and privacy
Industry insights
Why aren’t more women in cybersecurity, and how can we fix it?
Industry insights
Industry insights
Cybersecurity automation: Tips to do it right in your organization