SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Palo Alto Networks offers business tips for Cyber Smart Week
Fri, 1st Dec 2017
FYI, this story is more than a year old

As Cyber Smart Week wraps up, Palo Alto Networks is highlighting some of key factors that introduce risk into an organisation.

The company says that to gain maximum benefit from IoT, augmented and virtual reality,  users need to understand the risks and protect themselves.

According to Palo Alto Networks regional vice president ANZ Ian Raper, the first step is to enlist people in the fight against cybercrime.

“Many breaches occur because of human factors, including mistakes and malicious action. People don't usually want to harm the business they work for but it is human nature to make mistakes, or to misunderstand the level of risk. Businesses need to educate employees and ensure they're taking simple steps to stay cyber safe.

According to Palo Alto, the four risk factors in an organisation are a remote workforce; malware; phishing and credential theft; and human error.

1. Remote workforce With more employees working remotely, there is an increased risk of attack because, in many cases, an employee's home network is nowhere near as secure as the corporate network. This vulnerability can be particularly lucrative if the employee accesses sensitive or commercially-valuable information remotely.  So businesses must:

  • protect remote devices by implementing security software and installing the latest versions of applications and security patches immediately. Mobile devices should be remotely wipeable in case they fall into the wrong hands
  • require employees to use strong passwords and two-factor authentication
  • prohibit employees from storing information on their personal desktop
  • use a virtual private network (VPN) to protect traffic and prevent tampering with data.

2. Malware

In 2015/16 global information security providers reported they were identifying new malware variants of a rate of more than 200,000 new samples every day. The form of malware most commonly reported is ransomware.

To stay ahead of cybercriminals, it is important to analyse malware more effectively. This includes implementing multiple analysis methodologies, in the right order, to give security teams a higher probability of preventing malware from penetrating the network.

When implemented in series, malware analysis lets security teams handle most threats automatically, freeing up team resources to actively hunt more advanced threats. 3. Phishing and credential theft

Stealing people's passwords and credentials is easy and fast, making it one of the most prevalent tools for attacks against businesses and individuals. By disguising malicious intent in seemingly-legitimate emails, cybercriminals can obtain the credentials they need to infiltrate a network. After that, they can move around inside the network at will to either sabotage it or steal information.

There are three key components to blocking phishing attacks:

  • educating employees so they understand what a phishing attack looks like and what to do if they suspect they are being targeted
  • creating processes that reduce the chances of employee errors resulting in credential-based attacks. This can include measures such as flagging phishing attempts, resetting passwords, automatically blocking suspect sites and emails, and understanding how sensitive resources can be protected
  • implementing technology such as threat intelligence tools to identify phishing sites and prevent employees from visiting them.

4. Human error

People will always be the weakest link in the cybersecurity chain but it is possible to reduce the risk of error. This includes:

  • incorporating security awareness into the organisational culture through relevant, frequent training (perhaps using gamification to increase engagement)
  • moving beyond a compliance-driven approach and showing employees how to protect their personal data, which can then extend to protecting the organisation
  • limiting the number of employees with administrative access, which shrinks the risk footprint.

“Businesses need to focus on ways to prevent a successful cyberattack. By strengthening their employees' awareness of and commitment to cybersecurity, businesses can dramatically reduce the chances of a breach occurring at all,” Raper concludes.