
Security as a Culture

Editorial Type: Opinion     Date: 01-2016







François Amigorena, President and CEO of IS Decisions, explains why security awareness is crucial in tackling the insider threat and establishing sustainable and extensible security.

Each October, European Cyber Security Month (ECSM) delivers five weeks of focused activities intended, in its own words, to "Promote cyber security among citizens and advocates for change in the perception of cyber-threats." October 2015 was no exception: it promoted the theme 'Cyber Security is a Shared Responsibility', highlighting the fact that cyberspace cannot be secured without the help of all users.

The topic for the second week, 'Creating a culture of cybersecurity at work', related closely to what for most organisations is their weakest point - their employees. Many, if not most, security breaches involve internal users, and this is referred to as the insider threat.

INSIDER THREAT
It is often thought that this relates to the employee with an axe to grind who likely has access to some sensitive data - those with malicious intent. While that is a significant risk, the more common occurrence arises from human error or carelessness, such as sharing passwords and poor security practice. Exposed to social engineering tactics, a user could simply be tricked into sharing their access credentials, giving an outsider access. Culture and training are central to tackling this, and are at their most effective when combined with technology.

The files and folders stored on an organisation's internal network could become a target. Putting security measures in place that will track, monitor and restrict data access and movement is therefore hugely valuable. If there aren't any protocols in place for when a breach happens then it could be too late to recover or even minimise the damage by the time you find out.

PROTECTION
At a more granular level, you can set and enforce rules to restrict and control user logins as well as file access. Preventing or limiting multiple logins is one such restriction and it will reduce the attack surface - the sum of vulnerable points open to a breach. Monitoring, recording and auditing real-time network access on all sessions, including Wi-Fi and VPN, will help flag anomalies in individual usage, by recording who was connected, from where, when and for how long. This visibility will help you see and respond to potential breaches in advance and it will provide an invaluable audit trail.
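As an added illustration (not from the article and not IS Decisions' own code), the Python below runs the kind of check described above over a session audit trail: it flags accounts with sessions that overlap in time but originate from different sources. The record layout, user names and addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

FMT = "%Y-%m-%d %H:%M"

# Constructed audit records, not real data: (user, source address, session type, start, end).
SESSIONS = [
    ("alice", "10.0.1.15", "workstation", "2016-01-11 08:55", "2016-01-11 17:10"),
    ("alice", "10.0.1.15", "workstation", "2016-01-12 09:00", "2016-01-12 12:00"),
    ("bob", "10.0.2.40", "wifi", "2016-01-11 09:05", "2016-01-11 12:30"),
    ("bob", "203.0.113.7", "vpn", "2016-01-11 11:45", "2016-01-11 13:00"),
    ("carol", "10.0.3.8", "workstation", "2016-01-11 09:00", "2016-01-11 10:00"),
    ("carol", "10.0.3.9", "workstation", "2016-01-11 10:00", "2016-01-11 11:00"),
]


def concurrent_logins(records):
    """Flag sessions of one account that overlap in time but come from different sources.

    Returns (user, first source, second source, minutes of overlap) tuples.
    """
    by_user = defaultdict(list)
    for user, source, _kind, start, end in records:
        by_user[user].append(
            (datetime.strptime(start, FMT), datetime.strptime(end, FMT), source)
        )

    findings = []
    for user in sorted(by_user):
        sessions = sorted(by_user[user])  # ordered by start time
        for i, (a_start, a_end, a_src) in enumerate(sessions):
            for b_start, b_end, b_src in sessions[i + 1:]:
                if b_start >= a_end:
                    break  # sorted by start, so no later session overlaps this one
                if a_src != b_src:
                    overlap = min(a_end, b_end) - b_start
                    findings.append((user, a_src, b_src, int(overlap.total_seconds() // 60)))
    return findings


if __name__ == "__main__":
    for user, first, second, minutes in concurrent_logins(SESSIONS):
        print(f"{user}: simultaneous sessions from {first} and {second} ({minutes} min overlap)")
```

Back-to-back sessions, such as the constructed "carol" records, are not flagged; only genuine overlaps from different sources are reported.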

Training and software solutions are equally important, but to create a culture of cybersecurity they must work together and not be regarded as separate tools. Most insider threat breaches are down to plain human error, but you don't want your staff to think that the software solutions are there as part of a witch-hunt. It is important to educate them on why the tools are there, how they work and how they can proactively participate in a process that helps to safeguard company information.

On the other hand, technology can help with the training process by giving users reminders of policy in situ, for instance if they are trying to log in from a new device, and this provides a more engaging way to educate employees. IS Decisions has created an online game to test security awareness and make it fun (www.isdecisions.com/user-security-awareness-game).

GET CREATIVE
Most regulated organisations take compliance seriously and follow the necessary steps to comply. However, the exposure of cases like the one last year, in which hackers infected a Chinese restaurant's online menu with malware so as to target employees of an oil company, shows that a threat can come from anywhere. You need to combine different risk procedures that will help to protect your employees and your company information more effectively.

As technology evolves, threats will also evolve. Organisations must accept that there is no one-size-fits-all solution, even for regulated industries. Creating a culture of cybersecurity within your organisation and for your employees is paramount to safeguarding your company, including its employees' future, against insider threats.
