There’s no way to guard against every cybersecurity threat. Some of the largest enterprises in the world, with skilled IT teams and large budgets, have fallen victim to massive security breaches. There are simply too many devices and applications to protect, with new threats emerging every single day.
The good news is that three cyberattack vectors — email, unpatched applications and user’s endpoints — are responsible for the vast majority of security breaches. By focusing their security efforts on these three areas, organizations with limited resources can greatly reduce the odds of a successful attack.
Email is by far the No. 1 cyberattack vector. While some email attacks are merely annoying many are highly destructive, disrupting business operations and causing financial losses.
Ransomware remains a serious threat. Cybersecurity Ventures estimates that businesses will suffer a ransomware attack every 14 seconds in 2019. The attacker will typically send an email containing a malicious link or attachment that activates malware, encrypting all the files on the victim’s computer and spreading throughout the organization. Without a current backup, the organization has little hope of recovering the files, even if the ransom is paid.
Business email compromise (BEC) has cost companies more than $5 billion since 2013, according to FBI estimates. In the typical BEC attack, the hacker “spoofs” the email of a company executive and sends a request to someone in finance or accounting to wire funds to a bank account controlled by the hacker. The money is generally unrecoverable.
Thwarting these kinds of attacks starts with keeping phishing emails out of users’ inboxes. Organizations should also implement continuous monitoring solutions to detect attacks that get past the initial defenses.
Prioritizing the top three attack vectors: email, unpatched applications and user endpoints can go a long way toward reducing risk.
Using unsupported software and failing to apply patches and updates creates tremendous risk. Hackers are well aware of the vulnerabilities in these applications — according to Experion, more than 90 percent of exploits leverage old flaws that have been open for many years. Even if users are diligent about updating their operating systems, they often fail to update their web browsers, Adobe software and other commonly used applications.
Software that’s no longer supported, such as older versions of Windows, should be removed from the environment. Organizations should then inventory all hardware and software and develop a plan for deploying patches and updates promptly when they are released. Controlling application sprawl can reduce the patch management burden and improve overall security by shrinking the attack surface.
Many organizations continue to focus on perimeter security, but the corporate firewall is of little value when users are outside of that protective environment. Users are working from home and in airports and coffee shops, leaving their devices vulnerable to attack. According to the 2018 State of Endpoint Security Risk Report from the Ponemon Institute, 64 percent of respondents said their organizations had experienced one or more endpoint attacks that successfully compromised data assets.
Organizations should take steps to protect user’s endpoints by requiring that they have up-to-date antivirus software and other basic forms of protection. However, the Ponemon study found that antivirus products missed 57 percent of attacks on average. Organizations should look at next-generation endpoint protection solutions that use real-time behavioral analysis and machine learning to detect suspicious patterns and activity.
The Final Analysis
It’s impossible to protect your organization from every cybersecurity threat, and all a hacker has to do is find one vulnerability to execute an attack. However, prioritizing the top three attack vectors can go a long way toward reducing risk. Contact the GDS cybersecurity team to discuss ways you can improve your organization’s security posture.