The biggest threat to your cybersecurity may come from inside your organization, not from a lack of software or hardware. Some of the risks to evaluate at your company this year include:
- Phishing via social engineering, including impersonation attempts using employee information gathered on websites and social media, such as LinkedIn pages.
- Long-term email surveillance that hackers use to identify opportunities for gathering valuable data, such as by posing as known vendors or clients with fraudulent email addresses and websites.
- Insufficient security awareness training, making employees vulnerable to evolving threats as well as unaware or ashamed of reporting when they fall victim to hackers.
- Failing to monitor and close connections in servers when equipment is upgraded or relationships with external vendors end.
Thanks to portrayals in TV and the movies, it’s common to envision hackers using state-of-the-art technologies to infiltrate networks. While that is sometimes true, many rely on much more analog methods to gain access to systems and sensitive data. But these techniques are still quite sophisticated in the way they exploit typical human behaviors and organizational weaknesses.
These are a few increasingly common tactics and situations leaders should address in the coming year to safeguard business operations, networks, and data.
New hires, especially those who are just starting their careers and new to the working world, are particularly vulnerable to this kind of social-engineering phishing. For example, hackers will use LinkedIn profiles or online resumes to identify recently hired employees and text them pretending to be their new boss. The hackers can then solicit sensitive information or lead the employee to a fake website to enter their company credentials.
Similar to the above scenario, hackers will use information on social media and other publicly available information on the web to target individuals and gain access to their email. But instead of using that information immediately, they’ll monitor their messages for a while to see who they are interacting with and how they can best exploit those relationships.
As an example, they might identify a vendor or client and set up a website on a domain that looks similar to that entity's real one but differs in small ways that aren't immediately apparent. The hacker then begins communicating with the individual as the vendor or client, using the fake domain in their email address, and asks the individual to update banking routing numbers, provide company log-in credentials, personal identifiers, and so on.
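One defensive check a mail gateway or help desk can run against the lookalike-domain tactic described above is to compare each sender's domain with the domains of vendors and clients the organization actually corresponds with. The script below is an added example, not code from the original post or from Handled; the vendor allowlist, the substitution table, and the sample addresses are all constructed for illustration. It flags three patterns: character substitutions (rn for m, 1 for l), the real domain used as a prefix of a longer one, and names within a small edit distance of a known domain.

```python
"""Flag sender domains that resemble, but are not, a known vendor's domain.

Added example for illustration; the allowlist and sample addresses are constructed.
"""
from __future__ import annotations

import unicodedata

# Constructed allowlist: domains this organization legitimately corresponds with.
KNOWN_DOMAINS = {"acme-supplies.com", "northwind.example"}

# Constructed, non-exhaustive table of substitutions used to imitate a domain.
# Multi-character entries are applied after single characters.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "vv": "w", "rn": "m"}


def normalize(domain: str) -> str:
    """Lowercase, strip a trailing dot, and fold look-alike substitutions."""
    d = unicodedata.normalize("NFKC", domain.strip().lower().rstrip("."))
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance; small values between two domains are suspicious."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Extract the domain from 'user@host' or 'Display Name <user@host>'."""
    addr = address.strip()
    if addr.endswith(">") and "<" in addr:
        addr = addr[addr.rfind("<") + 1 : -1]
    return addr.rsplit("@", 1)[-1].lower().rstrip(".")


def classify(address: str, known=KNOWN_DOMAINS, max_distance: int = 2) -> str:
    """Return 'known', 'lookalike:<real domain>', or 'unknown'."""
    domain = sender_domain(address)
    if domain in known:
        return "known"
    folded = normalize(domain)
    for real in known:
        real_folded = normalize(real)
        # Substitution attack: "acrne-supplies.com" folds to the real name.
        if folded == real_folded:
            return f"lookalike:{real}"
        # Real domain used as a leading label: "acme-supplies.com.secure-update.net".
        if domain.startswith(real + "."):
            return f"lookalike:{real}"
        # Near miss on the whole name: "acme-supplies.co", "acme-suplies.com".
        if levenshtein(folded, real_folded) <= max_distance:
            return f"lookalike:{real}"
    return "unknown"


if __name__ == "__main__":
    for sample in [
        "billing@acme-supplies.com",
        "Acme Billing <billing@acrne-supplies.com>",
        "ap@acme-supplies.com.secure-update.net",
        "ap@acme-supplies.co",
        "someone@unrelated-company.org",
    ]:
        print(f"{sample:45} -> {classify(sample)}")
```

An "unknown" result is not itself a finding; the value of the check is that a "lookalike" result on a message asking to change banking details or credentials is exactly the situation the text describes, and it can be routed to a human before anyone acts on it.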
Employees constitute the outermost layer of your security plan, so educating them about threats and ensuring they feel empowered to report them is crucial. When hacking attempts do occur, employees should alert the IT department right away. If they aren’t aware of the intrusion or don’t report the incident because they are embarrassed or afraid of the repercussions, the intruders have carte blanche to wreak havoc over time.
To avoid such a disastrous situation, it’s vital to implement a comprehensive security awareness training program as an ongoing part of business operations—not just annually or during onboarding. Handled is currently rolling out a program that includes mandatory training and testing for new hires, quarterly training for all employees, and monthly communications with tips for preventing breaches as well as updates on emerging tactics.
Organizations often retire or upgrade equipment and settings, which can leave ports and connections open and vulnerable if no one is tasked with reviewing and maintaining them. For example, a developer might connect a business’s internal systems to an external platform. When the company stops using the platform, no one bothers or knows to disconnect the systems and close access. The vendor running the platform might change or go out of business, and another vendor—or a hacker—picks up the related IP address. Now the company has a connection to an unknown entity, giving it access to its internal systems.
Regular reviews of such changes—confirming that decommissioned servers are fully disconnected, that settings are up to date, and that connections to external systems are closed when vendor relationships end—can help prevent such opportunities for intrusion. These reviews should be part of an overall IT change management process that spells out who governs the process, identifies who validates changes, and holds specific roles responsible for regular maintenance and review of ports and connections.
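The review the text calls for becomes routine once every allow rule is recorded together with the vendor it was opened for, because a script can then cross-check rules against the vendor registry. The example below is added here and is not code from the original post or from Handled; the rule set, the vendor registry, and the address ranges (all from documentation-reserved IP space) are constructed. It flags rules whose vendor relationship has ended, rules with no recorded owner, rules pointing at a vendor the registry does not know, and rules whose destination no longer falls within the vendor's published ranges, which is the reassigned-IP-address case the text describes.

```python
"""Audit network allow rules against the vendor registry they were created for.

Added example for illustration; rules, registry entries and addresses are constructed.
"""
from __future__ import annotations

import ipaddress
from datetime import date

# Constructed: allow rules, each recorded with the vendor it was opened for.
RULES = [
    {"id": "fw-101", "dst": "203.0.113.0/24", "port": 443, "vendor": "payroll-saas"},
    {"id": "fw-102", "dst": "198.51.100.7/32", "port": 22, "vendor": "old-analytics"},
    {"id": "fw-103", "dst": "192.0.2.40/32", "port": 5432, "vendor": "payroll-saas"},
    {"id": "fw-104", "dst": "198.51.100.200/32", "port": 443, "vendor": None},
    {"id": "fw-105", "dst": "203.0.113.9/32", "port": 443, "vendor": "crm-vendor"},
]

# Constructed vendor registry: when the relationship ends and the address
# space the vendor currently publishes for its service.
VENDORS = {
    "payroll-saas": {"active_until": "2023-12-31", "ranges": ["203.0.113.0/24"]},
    "old-analytics": {"active_until": "2021-06-30", "ranges": ["198.51.100.0/28"]},
}


def audit(rules, vendors, today_iso: str) -> list[tuple[str, str]]:
    """Return (rule id, reason) for every rule that needs review or closure."""
    today = date.fromisoformat(today_iso)
    findings: list[tuple[str, str]] = []
    for rule in rules:
        dst = ipaddress.ip_network(rule["dst"], strict=False)
        owner = rule["vendor"]
        if owner is None:
            findings.append((rule["id"], "no owner recorded; nobody is responsible for closing it"))
            continue
        vendor = vendors.get(owner)
        if vendor is None:
            findings.append((rule["id"], f"vendor '{owner}' is not in the registry"))
            continue
        ended = date.fromisoformat(vendor["active_until"])
        if ended < today:
            findings.append((rule["id"], f"relationship with '{owner}' ended {ended}; close the rule"))
            continue
        # The vendor is still current, but is the destination still theirs?
        in_range = any(
            dst.subnet_of(ipaddress.ip_network(cidr)) for cidr in vendor["ranges"]
        )
        if not in_range:
            findings.append(
                (rule["id"], f"{dst} is outside '{owner}' current ranges; address may have been reassigned")
            )
    return findings


if __name__ == "__main__":
    for rule_id, reason in audit(RULES, VENDORS, "2022-01-15"):
        print(f"{rule_id}: {reason}")
```

Run on a schedule, the output is a concrete work list for whoever the change management process names as responsible for ports and connections; a rule that produces no finding has an owner, a live contract, and a destination that still belongs to that vendor.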
In many cases, effective cybersecurity doesn’t require spending a lot of resources on high-tech solutions—it’s about identifying liabilities that result from people’s lack of awareness and insufficient processes.
Handled works with all types of organizations to institute plans, policies, and practices that help inoculate them from common, new, and emerging cybersecurity risks and threats. Make your business one of them in 2022: contact us today to connect with a security specialist.