More often than not, organizations see cyber criminals from other countries as the biggest threat to their security. While it’s true that China, Russia, and India do play home to many fraudsters, the United States is no exception. In fact, a large share of cyber security threats actually start from within the organization.
According to the 2017 Data Breach Investigations Report by Verizon, a staggering one in four breaches involve internal actors. While there isn’t always malicious intent from insiders (about 14% were casual errors and privilege misuse), a staggering 60% of cases involved insiders absconding with data in hopes of converting it into cash (or cryptocurrency).
What’s more, nearly one in six incidents that involve an insider also involve employees stealing data to bring to a new employer or a to start a rival company! Whether it’s a fraudster from a different country or your own employee, the best cyber security plans always involves a “zero trust” or zero tolerance approach.
A Zero Trust Security Model
In order to combat today’s cyber threats, it’s critical that organizations implement a strict zero trust approach to their cyber security efforts. While it’s vital that organizations have perimeter-based measures in place (such as firewalls, anti-virus software, and spam filters) to help keep external cyber thieves out, it doesn’t protect them from those actors that are already in the organization.
But what is the zero trust model? It’s an approach to cyber security that views both internal and external actors, as well as endpoints, networks, and applications as equal dangers to IT infrastructure.
The approach breaks down into four main elements:
Recognize and assess devices
Know users with multi-factor authentication
Limit access and privileges (“Least Privilege”)
Develop strong policies
Checking & Recognizing Devices
It’s no secret that people share passwords. But when it comes to running an organization, this risky behavior can have serious consequences. Although it may not be malicious, it only takes one infected device to proliferate a costly virus.
However, if you implement a Network Access Control (NAC), you can help ensure that a particular device has permission to a network and that this device is operating securely. Good security posture policies may include access criteria which requires a device to be fully updated, have anti-virus protection software installed, and be specifically configured.
In today’s cyber security climate, organizations need to go beyond a simple username and password. Should a member of your team misplace or have a device stolen which has full access to your infrastructure, it’s critical that multi-factor authentication is enabled.
For instance, multi-factor authentication may include a specific device, a password/pin, and generated authentication data. This authentication data is often sent to a token (disconnected, connected, or software) or an out-of-band device.
With multi-factor authentication, CIOs and CISOs can be more confident about a user’s identity. If you’re unsure of how to implement this element of zero trust, contact Federal Resources Corporation (FRC) to learn more.
If one employee with full access loses their mobile device or gets their computer stolen, there is potential that you may lose your most precious data. For this reason, organizations need a backup and disaster recovery plan that enables you to remotely wipe missing mobile devices clean. Moreover, from client lists to your finances, it’s important that you limit each member of your team’s access to only the information they need.
Remember, not everyone needs full permissions to do their job effectively. Furthermore, if you terminate an employee or he or she finds a new job, immediately remove his or her permissions and access. This also stands true for any expired or unused plugins that may be sitting dormant on the backend of your website.
Look, perimeter-based security solutions are a must—there is no doubt about it. However, the best defense against cyber-attacks is prevention.
When organizations implement a multi-layered security solution with a zero trust approach, they’re ensuring the preservation of their assets, data, and clients. Whether or not an employee has malicious intent, humans are fallible. A zero trust policy can help organization defend against these blunders.
While tightening security is tiresome and at times inconvenient, CISOs and CIOs need to emphasize the importance of a zero trust policy to decision-makers in an organization. In fact, research by the Institute for Critical Infrastructure Technology and the Economist Intelligence Unit suggests that “proactive CISO-led strategies can cut the success rate of cyber breaches by more than 50 percent, hacking successes by 60 percent and ransomware infections by 47 percent.”
The Resources You Need
We know modernization is no small feat, nor is revising an organization’s policy. If you need a hand streamlining your IT infrastructure, we’re here to help.
We have a proven track record of delivering outstanding, user-friendly, and easy-to-implement cyber solutions for organizations both small and large. If you’re interested in hearing how we can help you keep your data safe, click here to contact us today or call (703) 687-9787.