There is a fundamental increase in the number of cyberattacks. That is why good network security is essential both now and in the future. However, this continues to be a challenge for many organizations: while you try all kinds of methods to prevent unauthorized network access, new or advanced cyberthreats are constantly emerging.
Numerous companies and governments are taking measures to ensure privacy and maintain security by preventing cyberattacks. Nevertheless, Cyber Security remains a constant and ongoing issue of considerable concern. We have therefore compiled a list of some key challenges regarding network security and cyberthreats.
1. Ransomware Security and Remediation Strategy
Around 4,000 ransomware attacks take place every single day. As mentioned earlier in our article on the top 5 Cyber Security threats in 2019, it is estimated that a ransomware attack will take place in a company every 14 seconds by the end of 2019. It is important to ensure that good ransomware security is a top priority within the organization and that it is implemented to protect yourself from these types of attacks.
The danger of ransomware is that it can potentially cause permanent loss of business data. It affects encrypted data and secure database systems and can even delete or corrupt files, or threaten to do so, if no ransom is paid.
Ransomware is also known as the ‘Endpoint Epidemic’. The primary prevention method is to give employees proper training and to recognize potentially suspicious e-mails and files containing ransomware. One way to do this is by combining E-mail security solutions with innovative Endpoint security. To stop this type of online extortion, increasing use is being made of cloud-based endpoint security solutions. A good way to arm the organization against the loss of data is to develop a remediation strategy. As part of this remediation strategy, business-critical data is stored in several replicated locations.
2. Risk of Identity Theft / Credential Phishing and E-Mail Security
Phishing sites are websites or e-mails that are disguised by attackers as legitimate websites or e-mails. The goal of cybercriminals is to intercept or steal personal login details and other data from users. Phishing is often aimed at obtaining the credentials that provide access to the network or devices. This makes it possible for an unauthorized user to access the network when a website is visited or an e-mail is opened. Almost every organization has valuable data and therefore forms a potential target for an attack by cybercriminals through phishing. A common way in which credential phishing attacks are carried out is by imitating existing company websites. The purpose of these imitated websites (and login environments) that purport to belong to existing companies is to intercept customer information or login details, or to infect the device used (‘Endpoint’) via a download. The phishing attack is often the prelude to a larger and more destructive attack.
Phishing and the Weakest Link in Network Security
Network security is as strong as the weakest link in your network, i.e. the employees. If a legitimate-looking e-mail arrives from the CEO, a manager, the bank, or Google, to name a few examples, then people are more likely to fall for it and become the victim of phishing e-mails. Most of these "CEO Fraud" phishing e-mails contain a note of urgency, attempt to scare the reader, or give the impression of a reward or token of appreciation. The entire content of a phishing e-mail is directed at getting your employees to open the message (and any attachments it contains). Another noticeable characteristic of successful phishing attacks is their high level of personalization. They are very specifically targeted at an individual, with some even making reference to the individual's first and last names. Or the e-mail is targeted at a group of employees from the financial administration department, as the attackers know that this group can give them access to the sensitive information they wish to obtain.
Detecting and Preventing Phishing Attacks
Nowadays, many phishing attacks can be detected and even prevented. You can do so by configuring which websites people have access to and are permitted to use login details for. As soon as the firewall detects that an employee is trying to enter his or her details on a website that is blocked, a warning is displayed on the screen. This method can also be used on legitimate websites where employees enter the corporate user name, in order to create Cyber Security awareness.
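The check described above, sketched as an added example (not code from this article or from any firewall product): it decides per outbound form post whether corporate login details are going to a permitted site, a blocked site, or another legitimate site. The host names, the `@example.com` user-name suffix, and the three verdict names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed policy (assumptions, not from the article): example.com is the
# company and sso.example.com is its only approved login site.
APPROVED_LOGIN_HOSTS = {"sso.example.com"}
BLOCKED_HOSTS = {"phish.test"}
CORPORATE_SUFFIX = "@example.com"

def host_in(host, entries):
    """Match a host exactly or as a subdomain, never by substring."""
    host = host.lower().rstrip(".")
    return any(host == e or host.endswith("." + e) for e in entries)

def has_corporate_username(form):
    """True if any submitted field looks like a corporate user name."""
    return any(str(v).strip().lower().endswith(CORPORATE_SUFFIX)
               for v in form.values())

def check_submission(url, form):
    """Return the verdict for one outbound form post."""
    host = urlsplit(url).hostname or ""   # .hostname drops any user@ prefix
    if host_in(host, APPROVED_LOGIN_HOSTS):
        return "allow"
    if not has_corporate_username(form):
        return "allow"                    # no corporate credential in the post
    if host_in(host, BLOCKED_HOSTS):
        return "block_with_warning"       # blocked site: stop the post, warn the user
    return "awareness_notice"             # legitimate site: remind the user only

# Constructed sample posts, including two imitations of the approved host.
SAMPLES = [
    ("https://sso.example.com/login", {"user": "j.doe@example.com"}),
    ("https://sso.example.com.phish.test/login", {"user": "j.doe@example.com"}),
    ("https://sso.example.com@phish.test/login", {"user": "j.doe@example.com"}),
    ("https://forum.example.org/signin", {"user": "j.doe@example.com"}),
    ("https://forum.example.org/signin", {"user": "jd@personal.test"}),
]

def run_samples():
    return [check_submission(url, form) for url, form in SAMPLES]

if __name__ == "__main__":
    for (url, _), verdict in zip(SAMPLES, run_samples()):
        print(f"{verdict:18}  {url}")
```

The second and third samples show why the permitted-site list has to be matched on the parsed host name: both URLs contain the approved host as text but resolve to a different site.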
3. DDoS Security
DDoS (Distributed Denial of Service) attacks are becoming more and more prevalent and have potentially devastating consequences. One of the issues is the increase of DDoS attack power in 2019 due to poorly protected IoT devices, computers, and other equipment that are increasingly being used as a botnet to carry out sizeable DDoS attacks. "More and larger versions of these 'botnets' are emerging," explained Sr. Network Solutions Architect René Huizinga in an earlier article. "This is a trend that will continue. For cybercriminals who control these botnets, offering DDoS attack services has become an opportunity for them to monetize botnets."
Furthermore, cybercriminals are continuing to discover new ways of carrying out DDoS attacks. DDoS attacks are not only used for financial gain, but also to bring competitors into disrepute, such as by purchasing an attack and using this means to get the DDoS attack into the news headlines.
Arm your Network against DDoS Attacks with DDoS Security
The best DDoS mitigation solution no longer goes far enough to create an effective security system against DDoS attacks. Over the past year, we have seen an explosion in the number of DDoS attacks related to ransomware and other Advanced Persistent Threats (APT). New advanced methods of DDoS security have been developed, whereby automatic updates are carried out to mitigate new types of DDoS attacks and to provide structural protection for your company against smarter, more varied, and more extensive DDoS attacks and botnets.
4. ‘Bring Your Own Device’ Policy
BYOD, or Bring Your Own Device, is one of the biggest challenges in terms of IT security that organizations are faced with. More and more flexiworkers and other employees are using their own laptops, tablets, smartphones, and other devices in the corporate network. Indeed, where employees are prohibited from using their own equipment, they are even taking action to have this ban lifted. This practice is also very useful, of course: Employees take their own devices to work with them so that they can start on their work for the organization as quickly as possible. As a result, employees are often more productive and familiar with their own devices, while it also saves on purchase costs as no additional devices are needed on the work floor. This practice works until an employee’s device is stolen and hacked or an employee loses their device. The device then presents an immediate security risk. In addition, employees use their own devices to check their mailbox and other information at home and while travelling. As a consequence, critical business information becomes available in all kinds of places. This constitutes a risk, which makes implementation of an effective BYOD policy a matter of urgency. This policy should arrange the security for these devices in an effective manner.
Configuring BYOD Security Measures
Make sure you therefore have good security for all mobile devices. Laptops, smartphones, and tablets are not adequately protected with just a four-figure access code. Make employees aware of the importance of configuring a strong password for data such as Excel sheets and Word documents containing sensitive information. Also protect business-sensitive information from those employees for whom access is not strictly necessary. By giving people ‘layered’ access in this way, by means of specific access rights, you can create an additional security layer for the devices used. In addition, let employees know how they can use their device for business purposes. Teach them how they can prevent unintentional leakage of data and where they should store business data. Make things clear, for example by providing awareness training. And don’t forget to record all the agreements relating to the BYOD policy in writing.
5. Implement a Good ‘Identity and Access Management’ (IAM) Strategy
Identity and Access Management solutions provide secure access to applications. When identity management is set up properly, employees only have access to those specific programs or components they are permitted to use, corresponding to their responsibilities and tasks. This significantly reduces the risk of misuse and data leakages. Providing access to the right data plays an increasingly significant role in network security. In fact, this is mandatory within the context of the GDPR, so that it's possible to demonstrate who has access to specific information and why.
For the time being, IAM solutions are mainly used on the basis of a username and password for internal workspaces, or with the addition of an authentication token for high-risk software or external workspaces. It is also possible to monitor login behavior for suspicious activity, such as setting up an alert that indicates that someone is trying to log in from an unusual location or at a highly unusual time of day. These conditions can be configured as rules, so that an additional authentication step is required or so that rights are immediately withdrawn if necessary.
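The login-behavior rules described above, as an added example (not code from this article or from any IAM product): each login is compared with a per-user baseline of usual countries and hours, and the outcome is allow, an additional authentication step, or withdrawal of rights. The baseline fields, the escalation policy, and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime

@dataclass
class Baseline:
    """What counts as normal for one user (constructed for this example)."""
    countries: set
    usual_hours: range                      # local hours of day, here 7..19
    high_risk_apps: set = field(default_factory=set)

@dataclass
class Login:
    user: str
    country: str
    when: datetime                          # assumed to be the user's local time
    app: str

def evaluate(login, baselines):
    """Return (action, reasons); action is 'allow', 'step_up' or 'revoke'."""
    base = baselines.get(login.user)
    if base is None:
        return "step_up", ["no baseline for user"]
    reasons = []
    if login.country not in base.countries:
        reasons.append("unusual location")
    if login.when.hour not in base.usual_hours:
        reasons.append("unusual time")
    if not reasons:
        return "allow", reasons
    # Assumed escalation policy: one anomaly asks for an extra authentication
    # step; two anomalies, or any anomaly on a high-risk app, withdraws rights.
    if len(reasons) > 1 or login.app in base.high_risk_apps:
        return "revoke", reasons
    return "step_up", reasons

# Constructed baseline and login events.
BASELINES = {"alice": Baseline({"NL"}, range(7, 20), {"payroll"})}
EVENTS = [
    Login("alice", "NL", datetime(2019, 8, 1, 9, 15), "intranet"),
    Login("alice", "NL", datetime(2019, 8, 1, 3, 5), "intranet"),
    Login("alice", "BR", datetime(2019, 8, 1, 10, 0), "payroll"),
    Login("alice", "BR", datetime(2019, 8, 1, 2, 0), "intranet"),
    Login("bob", "NL", datetime(2019, 8, 1, 9, 0), "intranet"),
]

def triage(events=EVENTS, baselines=BASELINES):
    return [evaluate(event, baselines) for event in events]

if __name__ == "__main__":
    for event, (action, reasons) in zip(EVENTS, triage()):
        print(f"{action:8} {event.user:6} {event.app:9} {', '.join(reasons)}")
```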
Help with Network Security
Nowadays, cyberthreats are a growing risk for your company's critical and sensitive data. They can even pose a threat to the profitability and reputation of the company, which is why IT security is an ongoing activity. Gaining a good insight into the way in which users, customers, and applications obtain access to data and the way in which equipment is configured provides the foundations for effective security.
Infradata has specialized in assessing, implementing, and managing enterprise information security for over ten years. Our team of Cyber Security and cloud networking experts will help you identify cyberthreats, cyber risks, and successful attacks, and reduce their impact. Please do not hesitate to contact us for more information about our services and to discuss all the possibilities.
In view of the fundamental increase in the number of cyberattacks, it is essential to create the best network security for your organization. In this article, we list five challenges and tips regarding network security and cyber security.
1 August 2019