Like burglars looking for the house without cameras or newspapers piled up indicating a family on vacation, cyber criminals are constantly probing for vulnerabilities.
Here are 5 tips to consider in 2017.
1. Implement strong authentication & Single Sign-On
The latest Verizon Data Breach Investigation Report indicated that in the previous year, “63 percent of confirmed data breaches involved weak, default or stolen passwords.”
2. Reduce the attack surface
As uncovered by another report, (“the Ponemon Global Trends in Identity Governance & Access Management”) , 57 percent of respondents acknowledge that end users have more access than is required to do their jobs.
Therefore, the advice is to identify the roles & the minimum privileges necessary to fulfill them.
3. Isolate & monitor the vulnerable applications
All vulnerabilities are documented on the dark web. Make sure all your applications are updated & all available patches are installed .
Isolate vulnerable applications, as well as BYOD systems, from the rest of the network.
4. Data encryption
Start of course with the « crown jewels » within your company, but don’t limit yourself to these.
If a hacker gets into a network & finds encrypted data, he will immediately know where to concentrate his attack.
With all data being encrypted, the hacker won’t know where to start, and his activities will be easier to discover
5. Trust does not remove control
For the security leaders, the management of privileged users (IT department of a company) is essential: limit, monitor and record what IT Admins can do or actually do with their privileges.
The priorities will vary by organization, depending on the types of threats they are facing and where investments have already been made. But if you’ve fallen behind in any of these five categories, consider what can be done to raise visibility before your luck runs out.
And start with a most efficient backup !
Thanks to John Lavendy (based on Travis Greene) for having contributed this article to our blog.
