2018 has seen a number of new threats introduced into the cyberscape as well as an evolution of traditional threats. This means businesses need to be more prepared than ever for a data breach and have the latest tools in place to mitigate risks.
In the current landscape, outlined below are today’s top cyber threats that your business must be prepared for as well as technology tips that can help prevent them striking.
Data Breach under the GDPR
GDPR is transforming the way businesses store, process and secure sensitive data. With fines of up to €20 million and the risk of crippling reputation damage due to the media attention being received around breaches, it’s no wonder the new regulation has had such an impact across the globe since being enforced in May this year.
Technology Tip: The first step to a GDPR compliance strategy is understanding what sensitive data you work with, where it’s stored and how it’s flowing in and out of your network. Following Clearswift’s Discover, Secure & Govern approach can bring you into compliance with regulations and ensure you remain compliant into the future.
Leveraging an Adaptive Data Loss Prevention (A-DLP) solution, organizations can automatically mitigate sensitive data loss risks across all digital collaboration channels - such as email, Cloud collaboration applications, and endpoint devices - preventing data leaks, sensitive data acquisition to ensure you comply with data protection regulations.
The insider threat is in fact, the most common cyber threat of all – with 65% of security incidents being related to employees. In most cases, inside threat incidents are caused by employees making mistakes, making it clear that there needs to be a reform in the way employees think about data handling. By changing the way employees think about data – and GDPR has been integral in starting this – there will be less risk of them sharing sensitive information accidentally.
Technology Tip: Clearswift’s Adaptive Data Loss Prevention technology and its associated redaction and sanitization features offer the greatest chance to mitigate data leaks and emails sent in error. The redaction feature ensures any sensitive information contained in the contents of an email, or a document being uploaded to the web, is automatically redacted, meaning those that do make a mistake do not compromise the compliance or security of the organization.
Phishing is one of the most common forms of hacking, for both consumers and businesses. Therefore, all employees, including the C-suite, need to know the signs to spot a phishing email – such as email addresses and tone of voice – to ensure that the risk is minimized and cybercriminals don’t gain access to the sensitive information they’re ‘phishing’ for that often results in financial loss.
Technology Tip: In addition to educating employees about anomalies to look out for, technology is integral to mitigating Phishing threats. As well as today’s expected standard of security features such as Dual Anti-Virus, anti-malware and active-code detection, Clearswift’s email security solution includes advanced features such as Message Sanitization and Structural Sanitization (active code removal) which disable URL’s and other active code from email and attachments, to ensure phishing attacks are thwarted at your organization’s doorstep.
Similar to phishing, spoofing, which is also referred to as Business Email Compromise (BEC), is when an email appears to come from the CEO or CFO asking about transactions of money. Because the email appears to come from the top of the organization, employees are more likely to act without questioning meaning sensitive information such as bank details are shared without anyone internally noticing until it’s too late.
Technology Tip: Organizations should make sure their email security solution has SPF, DKIM and DMARC features (that can detect a spoof email) and also allows for custom rules to be applied to protect employees from BEC. Clearswift next-generation email security solution includes these special features along with Redaction functionality which works automatically to remove sensitive data in email and attachments, and protects it from being shared outside of the organization, redacting sensitive data that employees might have otherwise shared with a cybercriminal.
As we saw in 2017 with the WannaCry attack on the NHS, ransomware is extremely dangerous and has the ability to take any business back to ‘pen and paper’ as IT has to be shut down. Embedding malicious code and scripts within emails and documents is the most common way of being hit by ransomware.
Technology Tip: Weaponized emails, document, and files can be made safe with Clearswift’s Adaptive Redaction technology built into its email and web security solutions. Working together with the deep content inspection engine, the Message Sanitization and Structural Sanitization features enable the automated detection and removal of hidden active code within email messages and attached files, or documents downloaded from the internet, so any malware embedded by hackers is eliminated before it has the chance to infect a network.
There are two sides to social media as a threat to companies. An attacker can ‘phish’ the company via social media, for example, an employee may be sent a Tweet or direct message via LinkedIn containing a link that then activates harmful software. Or, social media best practices are not followed, either by employees on the corporate network or C-suites on their personal accounts, causing damage to corporate reputation.
Technology Tip: Your web security solution should have the capability to prevent both a social media phishing attack and to prevent anything damaging being posted on social media. Clearswift’s SECURE Web Gateway has the ability to monitor content as it is being shared on social media from inside the organization and then decline or change anything that is not appropriate for posting.
A major threat to companies will always be out of date software applications. Security vendors release patches all the time and organizations need to keep up-to-date with these to ensure there are no easily-fixed vulnerabilities being exposed. Patching processes should be streamlined to make sure security flaws are caught and amended very quickly; otherwise, it’s an open door for cyber attackers to come in.
Technology Tip: Deploying technology in that helps an organization monitor its environment to keep track of where patches have and haven’t been applied to corporate devices is a useful way to assess the company’s attack surface at any given time. This will also ensure that the IT department is on top of any known vulnerabilities and can act faster to get a patch in place.
Minimizing the risks
Having a thorough understanding of today’s cyber threats and how they can impact an organization is the first step in mitigating the risk. Making sure staff understand today’s cyber risks and how to spot them will take the pressure off IT departments constantly monitoring for (and fighting) threats as well as reducing the chance of inadvertent data breaches from happening.
Organizations also need to implement policies and processes to ensure if a data breach or cyber-attack does occur, employees know what to do. Processes around “who do I talk to if I think I’ve clicked on a malicious link” or “what do I do if I think I have opened a suspicious attachment?” will be integral to ensuring incidents are handled in a timely and effective manner.
While technology is not a silver bullet for tackling today’s cyber threats, it provides a safety net for when mistakes happen and a defense wall for when malicious content tries to get in.
Read our Clearswift Insider Threat Index 2018
View more information on our Adaptive Data Loss Prevention solution
Download the Adaptive Redaction datasheet
View our Email Security solutions
See more information about our Endpoint DLP solutions