Top 10 Best Practices for Countering Cyber ​​threats in 2020

The year 2020 has come, and you need to be prepared for both the already known and new cyber threats of this year. We have prepared a list of basic recommendations that should be in the arsenal of every information security protection specialist. The list is compiled based on information on the main insider incidents and cyber-attacks of 2020 and forecasts for that year.

1. Consider Appointing a Dedicated Insider Threat Officer

Insider threats are now very common in all industries and affect companies of all sizes. Insider threats can cost an organization an average of  $ 8.76 million per year. For this reason, preventing this type of threat should be a shared goal.

A dedicated Insider Threat Officer can bring teams from different departments together to quickly detect, investigate, and respond to insider threat incidents when they occur. They can also help your team become more proactive in choosing the right policies and tools to help prevent insider threats in the first place.

2. Simulate Phishing Attacks

An important aspect of raising cybersecurity awareness is explaining to employees how phishing attacks can manifest in their daily lives. Social engineering attacks and attempts to steal credentials are becoming more sophisticated. Investing in simulated phishing attacks creates a secure environment for testing employees' knowledge and actions in such situations.

3. Train Employees on Cybersecurity Policy When Working Remotely and While Traveling

We recently surveyed 1,000 employees on how they access the corporate network when traveling on business, and 77% of those surveyed admitted that they connect to free Wi-Fi networks (usually unsecured) using work computers and smartphones. Only 17% of respondents said they always use a VPN connection when out of the office.

With today's prevalence of telecommuting, employees should be aware that sacrificing security for convenience is not an acceptable compromise. Almost half of the employees are unaware of the safety policy when traveling or working remotely. It may be time to update or develop these guidelines if they do not already exist.

4. Make Your Employees' Personal Data a High Priority

Make it a high priority to protect employee privacy by anonymizing any data you collect to prevent insider threats and clearly explain how cybersecurity policies affect personal data protection.

5. Develop a Cybersecurity Curriculum

Think about this: two out of three insider attack incidents are due to employee or subcontractor errors, and these errors are preventable! It's time to invest in raising cybersecurity awareness. In fact, according to the SANS Institute, 85% of cybersecurity trainers said their work had a positive impact on the security of companies.

6. Share Your Cybersecurity Policy With Subcontractors and Vendors.

According to the most recent poll by NPR / Marist, one in five employees is a freelancer and this trend will continue to grow. Many companies profit from contractors, but only a few companies educate them about cybersecurity policies and best practices that can impact their daily workflows. Make sure these employees are familiar with your policies and know how to adhere to them.

7. Control Both the User and the Work With Files

We predicted that sophisticated malicious insiders would take advantage of multiple exfiltration channels and hide their tracks in 2019. This means that one of the best ways to prevent threats is to monitor user activity and file operations. Solutions like DLP focus on data, not user activity, and often fall short of preventing deliberate insider actions in their wake.

8. Don't Forget About Intelligence Threats

Employees of companies from highly profitable industries, including banking, technology, healthcare, etc. may face offers to exfiltrate or sell data to foreign governments. To correctly identify patterns of suspicious activity, it is important to understand the motivation behind insider threats planned by the intelligence services of other states.

9. Use Password Managers, SSO and MFA

This sounds obvious to an information security professional, but the use of weak or repeated passwords is very common among employees today. If you can't teach them how to create strong and burglar-proof passwords, then, alternatively, you can use quality password managers. If you haven't figured out a password management solution yet, check out this article on the benefits and risks of password managers.

Other credential protections like SSO (single sign-on) and MFA (multi-factor authentication) should also be used universally to minimize the impact of user error.

10. Control Privileged Access

If you haven't done so recently, check now how many users have privileged access to critical areas of your servers, and then ask if those users need that level of access. Privileged access has a habit of spreading throughout the company over time, as some people leave the company, other people change roles, someone is no longer working on a task that requires administrator credentials. If you find that this situation occurs periodically in your company, then it may be time to use the system to issue temporary credentials or rotate them.

In Conclusion

We hope that following these guidelines can help your company reduce the unnecessary risk this year. But without antivirus protection, these guidelines will be fruitless.