The Shift From Cybersecurity Being a Want to a Need Just Happened

Elise Silagy

March 15, 2021

The SolarWinds attack has shaken the technology and cybersecurity spheres to their core, compromising the security of both private businesses and the US government alike. This wide-reaching attack has brought the issue of poor cybersecurity within the US government to the foreground after years of insufficient action.

This devastating attack, the full extent of which is still unknown, does offer a silver lining: demonstrating the importance of good cybersecurity. 

Remote Work Brings With it Increased Cybercrime

Remote work has come hand in hand with an increase in cybercrime as organizations adapt to employees logging on from less-secure home networks populated with various IoT and other devices, creating multiple unsecured or insufficiently secured entry points onto the network. Cybercriminals are taking advantage of these vulnerable entry points to access private data and critical systems, and are shifting tactics to better take advantage of unsuspecting victims as the pandemic rages on.

Lessons From the SolarWinds Attack

First discovered by the cybersecurity company FireEye in December of 2020, the SolarWinds attack allowed nation-state attackers (believed to be affiliated with the Russian government) to push malicious updates to a popular network monitoring product. This attack also created a backdoor in affected systems, providing attackers with ongoing access to inject more malware.

This incident has demonstrated the power of supply chain attacks (when malicious actors infiltrate networks via an outside partner or provider with access to a company’s systems and data) and highlighted the unfortunate reality that many organizations remain unprepared to detect, prevent, and address such attacks.

Cybersecurity Shifts From a Want to a Need

The biggest lesson to learn from the SolarWinds attack is that having a robust cybersecurity posture is no longer just a nice-to-have. Remote work has also made many organizations particularly vulnerable to attacks like the one perpetrated against SolarWinds as companies grapple with keeping remote workers secure.

What Should I Do? Cybersecurity Basics to Get You Started

Creating cybersecurity policies to safeguard your digital assets may be daunting, but there are a few basic steps every organization needs to take:

Create a Cybersecurity Incident Response Program

We’ve created a comprehensive guide to help your organization craft a robust yet flexible cybersecurity response program. It involves laying the groundwork by collecting critical documents, allocating resources, conducting risk assessments, and training your employees how to identify and respond to potential threats. Having a plan ahead of time is crucial since cyberattacks tend to unfold quickly, and ad hoc responses and decision-making processes are rarely sufficient to prevent or minimize damage.

Keep Your Software Up to Date

Making sure your software is kept up to date and that outdated and unused programs are removed from your systems is one of the easiest things you can do to improve your cybersecurity posture. When software companies discover flaws or vulnerabilities in their products, they address them by issuing patches (snippets of code that correct the issue). However, you can only take advantage of these fixes if you download the patches.

Recently patched software is a common target for cybercriminals, since not all users are vigilant enough to download the patch as soon as it becomes available. Attackers go after software that has not yet received the patch in an attempt to gain access to private or sensitive information.

You should also remove any unused or out-of-date programs from your systems, particularly if the software is no longer maintained. Software that is no longer being maintained may contain unpatched vulnerabilities or flaws, leaving your entire network vulnerable. Unused programs may contain vulnerabilities that leave your network exposed, but because these programs aren’t being opened and used regularly, your team may not discover these issues until they have already been used against you.

Remove Permissions as Part of Your Offboarding Process

While most organizations have fairly robust onboarding processes, many don’t put nearly as much time and effort into creating equally comprehensive offboarding processes. To help safeguard your network, make sure that all accounts of former employees are removed so that these login credentials cannot be used. 

Even if your former employees don’t plan to access their old accounts, these unmonitored logins present a tempting possible entry point for cybercriminals. Old accounts are particularly useful to cybercriminals because no authorized users are monitoring them regularly, which means the criminal’s actions are less likely to be detected.
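One way to check for the leftover accounts described above is to reconcile an HR departure list against an account export. The following is an added example, not part of the original article; the CSV column names and the sample records are constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample data (not from the article): an HR export of departures
# and an identity-provider export of accounts. Column names are assumptions.
HR_DEPARTURES = """employee_id,last_day
1001,2021-01-15
1002,2021-02-28
1003,2021-03-31
"""

ACCOUNTS = """username,employee_id,enabled,last_login
asmith,1001,true,2021-02-20
asmith-vpn,1001,false,2021-01-10
bjones,1002,true,2021-02-25
cdoe,1003,true,2021-03-10
dlee,1004,true,2021-03-12
"""


def audit_offboarding(hr_csv, accounts_csv, today):
    """Return (username, finding) pairs for accounts of departed employees."""
    last_day = {
        row["employee_id"]: date.fromisoformat(row["last_day"])
        for row in csv.DictReader(io.StringIO(hr_csv))
    }
    findings = []
    for acct in csv.DictReader(io.StringIO(accounts_csv)):
        left = last_day.get(acct["employee_id"])
        if left is None or left >= today:
            continue  # current employee, or departure not yet effective
        # A login dated after the last working day means the credentials
        # were used after the owner left: investigate before deleting.
        if acct["last_login"] and date.fromisoformat(acct["last_login"]) > left:
            findings.append((acct["username"], "login after departure"))
        if acct["enabled"].strip().lower() == "true":
            findings.append((acct["username"], "still enabled"))
    return findings


if __name__ == "__main__":
    for username, finding in audit_offboarding(HR_DEPARTURES, ACCOUNTS, date(2021, 3, 15)):
        print(f"{username}: {finding}")
```

Run on a schedule against real exports, a report like this catches accounts that the offboarding checklist missed, including secondary accounts tied to the same employee.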

Stay Up to Date on Threats

You can’t defend yourself against a threat you don’t know to look for. Make sure your team is keeping up to date on the latest and most common cybersecurity threats.

Common threats include:

Review Your Current Protocols Regularly

Once you have laid the groundwork, you need to look for potential threats, investigate them thoroughly, and take remediation steps. Once a threat has been dealt with, you should take the time to evaluate how effective your response was so any shortfalls can be addressed promptly.

Even if you don’t experience an attack, your team should still be regularly auditing your current protocols and procedures to ensure they are up to date and continue to meet your needs. You may also want to consider conducting a pen (penetration) test, which involves hiring an ethical hacker to stress-test your defenses and look for vulnerabilities. Once the test is complete, your hired hacker shares their findings with your team, detailing which vulnerabilities they were able to exploit and how, and offers their professional advice for addressing these security shortcomings. These tests allow you to identify and address issues before cybercriminals can exploit them.

Invest in Employee Training

In many instances, your employees are your first line of defense. Training your employees to identify suspicious activities and ensuring they know who to report their suspicions to is a critical component of any cybersecurity posture. All new hires should undergo extensive cybersecurity training, and all team members should undergo refresher training regularly.

To help your employees put their new knowledge and skills to the test, you may also want to consider running tabletop exercises. Like fire drills, tabletop exercises present your team with a hypothetical scenario which they need to address. This approach allows your team to practice their skills in a no-stakes environment and test if your current cybersecurity posture and protocols are meeting your needs. Once the exercise is complete, your team sits down to discuss what went well and what did not so that these shortcomings can be addressed as soon as possible. 

How VirtualArmour Can Help

Safeguarding your digital assets is critical, but many organizations find this task daunting. That is why the experts at VirtualArmour are here to help. Our team can help you audit your current posture for vulnerabilities and create a robust plan to address these security shortcomings. We offer a wide selection of managed and professional services, including:

To learn more about the steps your organization needs to be taking to safeguard your digital assets or to start improving your cybersecurity posture, please contact us today.

I’ve Been Hacked! What Should I Do?

If you have experienced a cybersecurity incident, please contact our team right away to find out what steps you need to take to minimize damage and prevent future attacks.

Further Reading

Learn more about cybersecurity, the steps you need to take, and the threats that are out there with these select articles from the VirtualArmour blog.

Cybersecurity Basics at the Organizational Level

Building a Cybersecurity Incident Response Program

The SMBs Guide to Getting Started with Cybersecurity

The Ultimate Guide to Managed Threat Intelligence (2020 Edition)

Cyber Hygiene 101: Basic Steps to Keep Your Company Secure

Cybersecurity Spring Cleaning: It’s Time to Review Your Security Practices

Basic Website Precautions: Keep Intruders Out With These Fundamental Security Best Practices

Keeping Your Network Secure in a “Bring Your Own Device” World

19 Essential Cybersecurity Best Practices

Cybersecurity Basics at the User Level

How Fear Motivates People to Click on Spam

5 Old School Hacking Techniques That Still Work (& How to Protect Your Data)

Airports are a Hacker’s Best Friend (& Other Ways Users Expose Themselves to Risk)

Common Threats

Our Predictions for the 2021 Cybersecurity Environment

Hackers Are Increasingly Targeting People Through Their Phones

Everything You Need to Know About Ransomware (2019 Edition) 

Ransomware is Only Getting Worse: Is Your Organization Prepared to Confront It?

Don’t Let Phishing Scams Catch You Unaware

DNS Spoofing: What It Is & How to Protect Yourself

Cryptojacking: Because Every Currency Needs to Be Protected

If You Experience an Attack

Hacked? Here’s What to Know (& What to Do Next)
