The type of hardening you carry out depends on the risks in your existing technology, the resources you have available, and the priority for making fixes.
It seems as though not a day goes by without a headline screaming that some organisation has experienced a data breach, putting the business – and its customers and partners – at risk. To keep your own organisation out of the news, it’s important to understand the most common causes of data breaches and what you can do to mitigate the threats they present.

1. Weak and Stolen Credentials, a.k.a. Passwords
Hacking attacks may well be the most common cause of a data breach, but it is often a weak or lost password that is the vulnerability being exploited by the opportunist hacker. Stats show that 4 in 5 breaches classified as a “hack” in 2012 were in part caused by weak or lost (stolen) passwords!
Simple Solution: Use complex passwords and never share passwords.

2. Back Doors, Application Vulnerabilities
Why bother breaking the door down when the door is already open? Hackers love to exploit software applications which are poorly written or network systems which are poorly designed or implemented; these leave holes that hackers can crawl straight through to get directly at your data.
Simple Solution: Keep all software and hardware solutions fully patched and up to date.

3. Malware
The use of both direct and indirect malware is on the rise. Malware is, by definition, malicious software: software loaded without intention that opens up access for a hacker to exploit a system and potentially other connected systems.
Simple Solution: Be wary of accessing web sites which are not what they seem or opening emails where you are suspicious of their origin, both of which are popular methods of spreading malware!

4. Social Engineering
As a hacker, why go to the hassle of creating your own access point to exploit when you can persuade others with a more legitimate claim to the much sought-after data to create it for you?
Simple Solution: If it looks too good to be true then it probably is too good to be true. If you were going to bequeath $10 Million US Dollars to someone you had never met, would you send them an email?

5. Too Many Permissions
Overly complex access permissions are a gift to a hacker. Businesses that don’t keep a tight rein on who has access to what within their organisation are likely to have either given the wrong permissions to the wrong people or have left out-of-date permissions around for a smiling hacker to exploit!
Simple Solution: Keep it Simple.

6. Insider Threats
The phrase “keep your friends close and your enemies closer” could not be any more relevant. The rogue employee, the disgruntled contractor or simply those not bright enough to know better have already been given permission to access your data; what’s stopping them copying, altering or stealing it?
Simple Solution: Know who you are dealing with, act swiftly when there is a hint of a problem and cover everything with process and procedure backed up with training.

7. Physical Attacks
Is your building safe and secure? Hackers don’t just sit in back bedrooms in far-off lands; they have high-visibility jackets and a strong line in plausible patter to enable them to work their way into your building and onto your computer systems.
Simple Solution: Be vigilant, look out for anything suspicious and report it.

8. Improper Configuration, User Error
Mistakes happen and errors are made.
Simple Solution: With the correct professionals in charge of securing your data and the relevant and robust processes and procedures in place to prevent user error, mistakes and errors can be kept to a minimum and kept to those areas where they are less likely to lead to a major data breach.
For a more comprehensive explanation of all the information above, as well as a more detailed look at some of the ways to prevent your business from falling foul of these common causes of data breaches, read InformationWeek's “The 8 most common causes of data breach”. For more information on how a Cyber Risk insurance policy can help your company recover should a data breach occur, just get in touch on 01905 21681
Ensuring you understand and practice good cyber security is the best way to combat cyber threats. Here you will find information about common online security risks, with simple advice on what you can do to protect yourself and your family.
There are more devices connected to the internet than ever before. This is music to an attacker's ears, as they make good use of machines like printers and cameras which were never designed to ward off sophisticated invasions. It's led companies and individuals alike to rethink how safe their networks are. As the number of these incidents rises, so does the need to classify the dangers they pose to businesses and consumers. Three of the most common terms thrown around when discussing cyber risks are vulnerabilities, exploits, and threats. Here’s a breakdown of each and what they mean in terms of risk:
Mistakes happen, even in the process of building and coding technology. What’s left behind from these mistakes is commonly referred to as a bug. While bugs aren’t inherently harmful (except to the potential performance of the technology), many can be taken advantage of by nefarious actors—these are known as vulnerabilities. Vulnerabilities can be leveraged to force software to act in ways it’s not intended to, such as gleaning information about the current security defenses in place.

Once a bug is determined to be a vulnerability, it is registered by MITRE as a CVE, or common vulnerability or exposure, and assigned a Common Vulnerability Scoring System (CVSS) score to reflect the potential risk it could introduce to your organization. This central listing of CVEs serves as a reference point for vulnerability scanners.

Generally speaking, a vulnerability scanner will scan and compare your environment against a vulnerability database, or a list of known vulnerabilities; the more information the scanner has, the more accurate its performance. Once a team has a report of the vulnerabilities, developers can use penetration testing as a means to see where the weaknesses are, so the problem can be fixed and future mistakes can be avoided. When employing frequent and consistent scanning, you'll start to see common threads between the vulnerabilities for a better understanding of the full system.

Security Vulnerability Examples
A Security Vulnerability is a weakness, flaw, or error found within a security system that has the potential to be leveraged by a threat agent in order to compromise a secure network. There are a number of Security Vulnerabilities, but some common examples are:
Vulnerabilities of all sizes can result in data leaks, and eventually, data breaches.

What is a data leak?
A data leak occurs when data is accidentally leaked from within an organization, as opposed to a data breach, which is the result of data being stolen. Data leakage is usually the result of a mistake. For example: sending a document with sensitive or confidential information to the wrong email recipient, saving the data to a public cloud file share, or having data on an unlocked device in a public place for others to see.

What Is an Exploit?
Exploitation is the next step in an attacker's playbook after finding a vulnerability. Exploits are the means through which a vulnerability can be leveraged for malicious activity by hackers; these include pieces of software, sequences of commands, or even open-source exploit kits.

What Is a Threat?
A threat refers to the hypothetical event wherein an attacker uses the vulnerability. The threat itself will normally have an exploit involved, as it's a common way hackers will make their move. A hacker may use multiple exploits at the same time after assessing what will bring the most reward. While nothing disastrous may have happened yet at this stage, it can give a security team or individual insight into whether or not an action plan needs to be made regarding specific security measures.

While it may seem like you’re constantly hearing about a new attack or cyber threat in the world, these terms can help give further context to the stages and dangers that security professionals deal with on a daily basis. So, what can you do to lower your overall risk? For a proactive approach, scan your environment for vulnerabilities with a vulnerability management tool. To stay responsive to unwanted activity, Security Information and Event Management (SIEM) is a systematic process that can make it easier to control what's happening on your network.
SIEM tools can help companies set up strong, proactive defenses that work to fend off threats, exploits, and vulnerabilities to keep their environment safe.
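
The scanner behaviour described above, comparing what is installed in an environment against a database of known vulnerabilities and ranking the results by CVSS score, is sketched here as an added example. It is not code from the original article or from any scanning product, and the package names, advisory IDs, versions and scores are constructed placeholders.

```python
from dataclasses import dataclass

def parse_version(text):
    """Turn '2.4.10' into (2, 4, 10) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

@dataclass(frozen=True)
class Advisory:
    advisory_id: str   # placeholder ID, not a real CVE number
    package: str
    introduced: str    # first affected version (inclusive)
    fixed: str         # first patched version (exclusive)
    cvss: float        # CVSS score, 0.0 to 10.0
    def affects(self, installed):
        low, high = parse_version(self.introduced), parse_version(self.fixed)
        return low <= parse_version(installed) < high

# Constructed vulnerability database: every entry is hypothetical.
ADVISORIES = [
    Advisory("EXAMPLE-0001", "examplehttpd", "2.0.0", "2.4.10", 9.8),
    Advisory("EXAMPLE-0002", "examplehttpd", "2.4.0", "2.4.12", 5.3),
    Advisory("EXAMPLE-0003", "examplessl", "1.0.0", "1.1.5", 7.5),
    Advisory("EXAMPLE-0004", "exampledb", "3.0.0", "3.2.0", 8.1),
]

# Constructed inventory of one host: package name -> installed version.
INVENTORY = {
    "examplehttpd": "2.4.9",
    "examplessl": "1.1.5",    # already at the fixed version
    "exampledb": "3.10.1",    # newer than 3.2.0 when compared numerically
    "exampleftp": "0.9.0",    # absent from the database, so it cannot be judged
}

def scan(inventory, advisories):
    """Return (findings sorted by CVSS, highest first; packages with no database entry)."""
    findings = [
        (a.advisory_id, a.package, inventory[a.package], a.fixed, a.cvss)
        for a in advisories
        if a.package in inventory and a.affects(inventory[a.package])
    ]
    findings.sort(key=lambda f: f[4], reverse=True)
    uncovered = sorted(set(inventory) - {a.package for a in advisories})
    return findings, uncovered

if __name__ == "__main__":
    found, uncovered = scan(INVENTORY, ADVISORIES)
    for advisory_id, package, installed, fixed, cvss in found:
        print(f"{cvss:>4} {advisory_id} {package} {installed}: upgrade to {fixed}")
    print("no database coverage:", ", ".join(uncovered))
```

A package with no database entry (exampleftp here) is unassessed rather than clean, which is the practical meaning of the point that a scanner is only as accurate as the information it has.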