Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

For Smaller Enterprises Infrastructure Security Starts With Hygiene

The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach.

The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach. Lines at gas stations and the disruption of trucking, deliveries and related business activities that followed the breach of the Colonial Pipeline operators really drove home the fact that we’ve moved into a new era of cybercrime. 

Criminal enterprises are targeting critical infrastructure in extortion schemes, thanks to cryptocurrency and prepaid cards that enable payoffs. The cyberthieves consider infrastructure low-hanging fruit, and defenders are playing catch-up because the definition of infrastructure is evolving fast. As more activities are digitized, IT infrastructure will become increasingly critical for business continuity much as traditional infrastructure components like the power grid are today.  

We need to look at cyberattacks in a new way, focus on infrastructure threats, and get ahead of the curve. All it takes is clicking on one out of 100,000 phishing emails sent to open a back door to hackers which puts companies at a disadvantage. Businesses need to focus on the fundamentals, especially when it comes to network infrastructure, and small and mid-sized businesses (SMBs) in particular. 

Organizations, especially SMBs, are outgunned and under-resourced. Many have security gaps because they can’t hire enough people for their security needs. Some estimates say more than 600,000 cyber security jobs open every year in the U.S., but there are 68 qualified prospects for each 100 open spots. Larger companies able to offer higher salaries and perks have the advantage in this job market. This leaves SMBs vulnerable; they may have automation and technology tools—even boosted with artificial intelligence and machine learning—but the talent shortage means they lack the human resources to make them work effectively. 

Some very common-sense practices of basic cybersecurity hygiene can help reduce attack surfaces. Most of the vulnerabilities that open back doors to hacking are enabled by weak or compromised passwords, or by not updating and installing patches on software. Addressing both those basic risk factors can be effective against most common attacks, and installing multi factor authentication (MFA) places barriers to anyone trying to breach the system. MFA is very effective in denying hackers the low-hanging fruit, especially now that biometric identification such as a fingerprint or retina scan is within reach of most businesses.  Just try opening your phone without those markers. 

Sometimes, outsourcing security can be a good solution, especially for SMBs that lack resources. A consultant can run tests to find and patch vulnerabilities and train employees to spot and prevent common attacks. 

Small businesses need to recognize they are now the focus of ransomware and other cyberattacks, because they’re the easiest to exploit. All kinds of small organizations, such as  state and local governments, hospitals and educational institutions have become targets, because they operate disparate networks with limited cybersecurity know-how, making them prime targets. I’ve mentioned before how universities and healthcare organizations are facing  a surge of ransomware attacks. 

Ransomware has become a pandemic of its own, thanks to the sheer fact that it works well. Threat actors are very creative; every time they face a technology meant to stop a specific type of threat, they find a way around it. That’s why organizations really need to focus on finding defenses that will not only stop a threat today, but also future-proof to the next iteration hackers can devise. 

Advertisement. Scroll to continue reading.

Some encouraging developments show promise in this fight. Just as cybercriminals have found ways to collaborate in the Dark Web and trade tools and intelligence for their exploits, the good guys are starting to break their silence and share information. Protecting critical infrastructure will require a public-private sector partnership that goes after cybercriminal groups with a law enforcement approach, using forensic activities to find and prosecute the hackers.  As the Colonial Pipeline incident showed, law enforcement is picking up momentum against ransomware attacks. 

Another silver lining of this pandemic of ransomware has been increased sharing among security professionals. Where companies were tight-lipped about breaches before, sharing threat intelligence is being encouraged more openly, via information sharing and analysis centers  (ISACs) that give business of all sizes access to threat intelligence and best-practice advice. 

Businesses and individuals have enough trouble with all the other aspects of cybersecurity, but software patching and good password hygiene are a good place to start, regardless of an organization’s size or whether it’s private or public. For SMBs, the best advice is to find a partner that can help evaluate the risks to the organization, prioritize them, and attack them with vigor. If they defend those things first, then they can fill in the gaps in other areas with more confidence that their infrastructure is being defended. 

Turn to your partners the same way the threat actors are doing it, and let’s help each other. Because at the end of the day, we all will be stronger for it.

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...