Organisations now face threats from multiple sources and the nature of those threats continue to evolve, rapidly.
External threats: India faced almost seven lakh cyber-attacks in August 2020, according to a report by ministry of electronics and IT. India was ranked third and one of the biggest victims of cyber-attacks in recent years. Cyber criminals often exploit fear and uncertainty when major world events occur by launching cyberattacks. The Covid-19 pandemic was no exception.
User behaviour: End users are working and collaborating in more places, with more devices and sharing more information, sometimes indiscriminately. Supporting mobility, connectivity and flexibility are critical to your organisation – and even more so when prioritising their health and safety – but not at the expense of security.
Limited security resources: There are not enough security professionals to fill knowledge-based roles and address the needs most organisations have. For many smaller organisations, staffing a dedicated security individual or team is not realistic within their limited budget, so it often becomes a part time responsibility and focus.
New and evolving threats: Attackers continue to look for new methods of entry, one of which is below the PC operating system. Low-level attacks often take advantage of weak system configurations and firmware vulnerabilities.
Considering these threats and that an organisation’s security perimeters are expanding beyond the traditional four walls into their employees’ homes, here are five fundamental things you should implement from a cybersecurity perspective:
Protection above and below the operating system (OS). In addition to having modern solutions in place to prevent unknown threats and respond quickly and efficiently to attacks across the endpoint, network and cloud, you must also choose devices that have protection and detection capabilities below the OS at the PC BIOS level, where we’re seeing a significant rise of attacks.
—The physical security of a device is as important as its data. The physical protection of a device is just as important as the cybersecurity deployed on and within the device. If you’re using public spaces to work, remember to use a privacy shield so your data is protected from prying eyes.
-Adopt to a password-plus strategy. Enhance passwords with biometrics, implement multifactor authentication and utilise digital certificates for stronger protection. Cost and complexity barriers are breaking down making biometrics, like fingerprint and facial recognition, easier to adopt.
—Ensure employees are routinely trained on smart security practices. This is especially important with many working from a home environment. Implement a security training program and include regular tests like sending test phishing emails to keep employees skills sharpened.
—Allow for usability and protection to co-exist. Even if you have the best security tools, if they’re hard to use or hinder productivity, they will be ignored or defeated by your employees, leaving your organisation at risk. Successful security solutions must be easy to deploy, easy to maintain and easy to use.
-By focusing on foundational elements, like the five above, you can ensure your organisation is off to a strong start today and into the future.
