Cybersecurity requires a holistic approach from leadership down to every rank-and-file employee. There are a million mistakes anybody could make in cybersecurity. Let’s look at a few simple yet significant ones. Although some of these are not immediately detrimental, they can be the starting point for a wrecking ball to an organization. Being aware of these early on will save an organization in the long run. Successful organizations last by mitigating risk.
1. Neglecting the Simple Basics of Security
This is arguably the most important point on this list and maybe in the entire realm of cybersecurity. Basic infrastructure is simple and is a general network configuration. This is simple login, lock-out, and password policies to local admin account management, user access controls, and even secure device configuration. Bringing cybersecurity back to the basics is often all that is needed for a strong and safe foundation poised for expansion with an organization. One of the most common current issues with this is AWS S3 bucket misconfigurations leaving sensitive data open to the internet with virtually no protection.
2. Relying on Just a Firewall and Antivirus
Firewalls and Antiviruses are not enough to prevent all threats. They are limited to the role of PROTECTION when it comes to cybersecurity. As the threat landscape shifts, DETECTION is becoming increasingly important. You cannot combat what you can’t see. If your protection fails to stop a malicious actor, you become a sitting duck. When you hear of a company that didn’t know of a breach for months, it’s because they are not properly DETECTING threats. Sadly, by that time it is usually too late to mitigate the damage. It is well worth it for any organization to evaluate whether they need a SIEM. It is the logical next step for cybersecurity beyond the basic protection measures.
3. Assuming you are completely safe
By now it is pretty obvious that no network is completely safe. If you truly believe you have an unhackable network please read the first 2 paragraphs of Kevin Mitnick’s LinkedIn profile. If there is a will there is always a way when it comes to breaking into a network. That is why you can’t only rely on protection to keep you safe. Detection and response are also key.
4. Not Reacting to Compliance and Audit Feedback
Compliance is becoming increasingly demanding and precise. Non-compliance risks fines and other regulatory repercussions. It is a tell-tale sign of a vulnerable organization. Cybersecurity is heavily governed by compliance. These frameworks are designed based on copious amounts of research and experience combined with industry-specific needs. Compliance exists for an important reason. In Verizon’s 2017 PCI DSS report every single company that had experienced a breach was not in full compliance with PCI DSS requirements.
5. Assuming You Are Not a Target
Thinking you have impenetrable cybersecurity is one thing, but thinking you won’t be targeted can be even MORE dangerous. Many organizations think they are too small to be a target and this naive mindset leaves many reaped of their data, credibility, and business. Depending on your size and budget there is definitely a line as to how robust your security has to be. No matter what size the company, best practices can still be implemented and will keep any organization in the best possible shape.
6. Underestimating Required Security Expertise
People often fail to understand the necessity for specific cybersecurity expertise. The biggest misconception is the idea that IT folks fully understand security when IT and security are two very different industries with overlap. It is very possible that an IT professional is well-versed enough in cybersecurity to cover the basic needs of both but often times that is like putting a square peg in a round hole or stretching that individual too thin. For proper and effective security you need dedicated professional cybersecurity expertise. A lot of organizations are calling it quits on wasting resources trying to hire someone and working with an MSSP.
How Sedara Can Help You
Whether you’re a CEO looking for a cybersecurity program, or a CTO looking for help, you need a partner in cybersecurity threat intelligence. Our experienced team will enable you to take your cybersecurity and compliance to the next level with 24/7/365 monitoring, detection, and response. Contact us today to get started.
Subscribe to Sedara Declassified to get timely updates on new and evolving threats – and what to do about them – just like our clients do.