Highlights:

  • One of the most efficient cyber security countermeasures is to educate your fellow employees.
  • Being resilient in business today means having a business recovery plan.

Waking up to news about CyberSecurity every other morning worldwide indeed brings around questions in our minds. Can it happen to us? Can we combat a cyberattack? What do we do, and what preventive measures can we take to avoid them?

Attackers actively expand and find innovative approaches to breach our systems. It is because of our lack of knowledge and awareness about its cruciality.

Allocating funds towards our security solutions needs to be a priority as our data is something we just can’t bargain.

According to Rob Lefferts, Corporate Vice President, M365 Security, “Attackers are growing more and more sophisticated. We see an increasing trend towards trickle-down of advanced attack techniques, from Apex Predator groups to nation-state attackers moving into more and more tools and techniques that are available for a broader range of cybercriminal and ransomware groups.”

In this blog, we shall cover tips and tricks about how we can safeguard our company from cybercrimes.

Cybercrimes are profitable for criminals and costly to you

According to a data analysis report, “less than one per cent of malicious cyber incidents see an enforcement action taken against cybercriminals.”

These cyber thieves get away with 99% of their criminal activities as law enforcement cannot track them.

Cyber laws must be amended, and moreover, must be more stringent against them.

The potential reasons for inaction are lack of cooperation between different organizations, jurisdictional differences, etc.

Data breaches account for an annual average of more than four million dollars. Data loss continues to prove to be a costly disaster, not only for the company but also for other organizations that are associated with it.

Another contributor to successful data breaches is insider criminals. Insider threats represent to be a growing risk area for many organizations worldwide. As per reports, there are 6,803 cases of insider-related incidents. The report also noted that 56% were because of negligence, 26% because of a criminal insider, and the remaining 18% were because of user credential thefts.

Key findings in cybercrime statistics

  • In a recent study, the damage caused by cybercrimes in 2022 is a massive six trillion dollars.
  • Financial sectors are often targeted and add up to 74% of botnet attacks.
  • It is estimated that 33 billion accounts will be breached by the end of 2023.
  • As of 2018, ransom attacks have shot up to 350%!
  • Laptops and PCs running on Microsoft were often targeted by malware. Firms blocked 97.2% of malware in 2018.
  • Threats became very common in 68% of cases when sextortion victims complied with their demands.
  • 59% of American citizens reported that they had experienced cybercrime or may have fallen into the hands of a computer hacker.
  • 70% of Small Medium Businesses (SMBs) are unprepared for cyber-attacks.
  • 88% of professional hackers can breach an organization within 12 hours.

How to recognize, combat, and improve cyber enterprise hygiene?

These are seven inputs and best practices to help you and your company identify cybercrime action and limit the threats.

  1. Education and cyber security awareness: One of the most efficient cyber security countermeasures is to educate your fellow employees. It is an instant win. It empowers employees to become a solid cyber defense on the front line. Employees shouldn’t hesitate to ask for help or advice when they see something apprehensive. Training should begin at the top of any organization, working down. It is advised to appoint a cybersecurity ambassador with every department to assist detection and incident response for potential cybersecurity threats and risks.
  2. Collect security logs and be vigilant for suspicious and abnormal activities: Ensure that security logs are being collected and analyzed for suspicious activities. Keeping an eye on credential logins, application executions during non-business hours, or implementation of tools could indicate lateral moves. This also helps ease dealing with digital forensics to analyze the root cause, and work on future prevention measures.
  3. Keep applications patched and up to date: Keeping systems and applications up to date will keep most malicious hackers and cyber criminals from breaching your system with known vulnerabilities. This is not a reliable countermeasure, but it will make it difficult for cybercriminals to breach.
  4. Use strong passwords and protect important accounts: We highly recommend changing your password often. The average age of a social password nowadays is years, and social media does not do a great job reminding you how old your password is, when it’s a good time to change it, or how weak it is. You can try using enterprise password and privileged account vault to ensure easy and secure management of multiple accounts and passwords. Avoid using the same password varied times.
  5. Do not allow users to install or execute unapproved or untrusted applications: Organizations must use security controls that prevent any application or tool by installing onto a system by using Application Allowlisting, Denylisting, Dynamic Listing, Real-Time Privilege Elevation, and Application Reputation and Intelligence. This is a very effective way to prevent from becoming the next cybercrime victim.
  6. Be deceptive and unpredictable: It is crucial to be receptacle and unpredictable. Most companies depend on automation to help them with cybersecurity defenses, but this brings itself to predictability in many cases. Predictable companies are prone to cybercrimes, so it is crucial to establish a mindset and a timely routine in which systems can be updated and assessed.
  7. Have a solid backup and recovery plan: Being resilient in business today means having a business recovery plan. In other words, to have a robust backup strategy. Sadly, many organizations only have online backups using the same credentials in their work environments. This makes it easier for attackers to gain access to the system and deploy ransomware to the backup system, bringing the business to a complete halt with no way to restore it. It is crucial to ensure your backups have offline capabilities so that cybercriminals cannot breach your data.

Extra crunch for better cybersecurity:

  • Application of proper cyber security framework
  • Make sure you allot enough budget for cyber security
  • Practice a risk-based approach to security
  • Ensure your supply chain is secure
  • Implement the latest technologies but don’t overdo it
  • Protect your linked IT in OT assets
  • Take advantage of automated intelligence
  • Take control of broader attack surfaces
  • Keep track of your security performance.

Conclusion

The rise of cyber-attacks across the globe has shot up at an alarming rate. Many security executives in organizations feel that they are unprepared for the threats that lie ahead. Companies have started by upping their security budgets and adopting more advanced defenses.