The Cyentia Institute—a leading research and data science firm specialising in cybersecurity—recently published its 2020 Information Risk Insights Study (IRIS 20/20), and the findings offer a stark warning on the frequency and financial impact of cyber incidents to organisations of all types and sizes.
By analysing more than a decade of data on breaches in the world’s largest companies, Cyentia has found that more than 60 percent of businesses suffered at least one public breach, with average financial losses equivalent to £160,000 per company. While the IT and retail sectors are most likely to suffer extreme losses of up to tens of millions of pounds, it is clear from the statistics that no industry is safe from cyber attacks.
So, what is the current state of cyber security in 2020, and what are the best practices to guard against reputational, financial and regulatory risk of a breach?
While IRIS 20/20 uses the term “breach” to refer broadly to a range of attacks (including data theft, ransomware infections, distributed denial of service and even lost or stolen digital devices), we can bring in some other sources of data to build up a sharper picture of the state of today’s cyber security landscape.
Unsurprisingly, the far-reaching impact of the COVID-19 crisis seems to have had a major impact on the dynamics of cyber-attacks in 2020. In the United States, NASA reported that email phishing attempts on its systems have doubled this year since increasing numbers of employees began working remotely. As information security expert Bruce Schneier has noted, remote workers without access to corporate-controlled devices are also particularly vulnerable to malware attacks, as they are more likely to be using out of date, unpatched, and unprotected systems.
Although escalation of privilege attacks appear to be growing in popularity, it’s important to remember that they are not a new phenomenon. In 2013, attackers exploited a security vulnerability in the heating, ventilation, and air conditioning (HVAC) systems at leading U.S. retailer Target to steal data on around 40 million debit and credit cards. Clearly, escalation of privilege has a proven track record for effectiveness—and as traditional working patterns are disrupted, underground hacking forums have seen a surge in activity to exploit the new opportunities.
So what are the best practices for cyber security in 2020, and what are some immediate steps your businesses can take to shrink the attack surface?
High on the priority list should be a thorough review of the remote-working strategy. As well as carrying out a full inventory of all corporate-controlled devices, businesses should ensure that minimum endpoint security management capabilities are in place—for example, the ability to perform regular vulnerability scans and remotely patch systems to guard against zero-day attacks.
Minimising the risk of successful escalation of privilege attacks will require a holistic approach that combines people, processes and systems. In the first instance, businesses should incorporate recurrent cyber training into their people strategy, and train employees to recognise, avoid and report common social engineering attacks such as phishing.
Going further, enterprises should ensure that they have a clear understanding of all active privileged user accounts across their entire IT environment. This capability is vital, as cyber-attackers who gain access to one of these accounts will be able to use its rights and permissions to comprise other sensitive systems rapidly—for example, by expropriating data or deploying ransomware.
If you’re having the dread realisation that you don’t know how many privileged accounts are in use across your business, you’re not alone. Research by teiss has shown that up to 55 percent of companies in a recent survey were similarly in the dark when it comes to Privileged Access Management (PAM).
To minimise the risk of becoming just another cyber statistic this year, it’s important to act quickly to strengthen your security posture. The good news is that enhancing your PAM capabilities has never been easier.
Northdoor has worked for more than 30 years to empower businesses of all sizes and industries to guard against the real and present danger of escalation of privilege attacks. Using the cutting-edge PAM solution IBM Security Secret Server, Northdoor can help you to rapidly identify and remediate potential security issues with all the key accounts across your organisation.
IBM Security Secret Server is fast and simple to install and configure, and offers the flexibility of an on-premises or cloud deployment to meet the specific requirements of your infrastructure. When we say fast, that’s no exaggeration; Northdoor’s expert consultants can get you up and running in as little as three days, closing the door on an extremely common attack vector.
If you’re concerned about your information security, there’s never been a better time to take action. To learn how Northdoor can help your business to protect itself from the most serious security threats in 2020, contact us today or read more on our security page