Sun Tzu probably would have suffered a stroke if you told him that thousands of years in the future, sprawling and complex communications systems capable of semi-autonomous thought would unify communications across the globe and make the business world reliant on a finite set of technologies.
While the context is different, “know thine enemy” is a concept as applicable to network security as it ever was to physical combat.
The number of network-based threats that CSOs, IT teams and even the self-employed have to think about every day is growing more rapidly than ever. While it can seem overwhelming at times, the first step in a good security policy is remembering to guard against the devil you know, rather than fret over the one you don’t. Here are a few examples of cybersecurity risks any business should be prepared to defend against.
1. Bring Your Own Disaster
Many modern businesses have lightened their employees’ load by removing the once-illustrious work phone from their everyday carry. Rather than saddle employees with multiple devices, companies have implemented a policy allowing people to access work communications on their personal devices.
Bring-your-own-device (BYOD) policies can be liberating, and can ensure the proper people get notified if an occasion requires after-hours attention. However, they can also expose your network to threats.
Before you implement a BYOD policy, make sure that enrolled devices are running monitoring software and that the network they use is separated from high-profile company information by a strong firewall. Should someone access your work network with an infected personal device, the results could be disastrous.
2. Shadow IT
Sometimes even things we think are altruistic can put company systems at risk. In the early days of network technology, IT companies coined the term shadow IT to refer to groups of employees setting up their own one-off networks within the company infrastructure. While the groups meant well, standing up such networks without proper security policies in place creates an obvious vulnerability.
Today there’s a new kind of shadow IT, this one made up of rogue technology as opposed to groups of employees.
With modern cloud solutions allowing anyone to spin up a remote server in an hour or less, all it takes to put your business at risk is one brazen support technician connecting their homebrewed server to the company network. Avoid this situation by implementing a layered security policy that can stop threats at the firewall and application level, with forensic technology to track the origin of the attacks.
Here’s a threat type that dates back to the earliest cyber-attacks. DDoS stands for distributed denial of service. In simple terms, this type of attack overwhelms a server by sending it more requests than it can handle. While the idea is straightforward, this type of threat is tough to defend against because it can be difficult to distinguish legitimate traffic from an attack.
While we may never entirely eliminate the threat of DDoS attacks like the Dyn attack executed by the Mirai botnet last year, there are ways of identifying simpler DDoS-type attacks and re-routing traffic to keep servers from freezing up. Some of these are best practices, while others involve the use of a dedicated DDoS mitigation appliance.
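The following Python example, added here and not part of the original article, shows why simpler floods can be identified while distributed ones are harder: a per-source rate check catches one noisy address, but a distributed flood only shows up in the aggregate request count. The request records, addresses, window and thresholds are constructed assumptions.

```python
from collections import Counter, deque

def detect_floods(events, window=10, per_source_limit=20, total_limit=100):
    """Scan time-sorted (timestamp_seconds, source_ip) pairs with a sliding window.

    Returns (timestamp, kind, detail) alerts. Thresholds are illustrative
    assumptions; real limits come from a measured traffic baseline.
    """
    recent = deque()           # requests still inside the window
    counts = Counter()         # requests per source inside the window
    flagged = set()            # sources already reported
    aggregate_active = False   # True while total volume is over the limit
    alerts = []
    for ts, src in events:
        recent.append((ts, src))
        counts[src] += 1
        # Drop requests that have aged out of the window.
        while recent[0][0] <= ts - window:
            _, old = recent.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        # Simple flood: one address sends far more than any normal client.
        if counts[src] > per_source_limit and src not in flagged:
            flagged.add(src)
            alerts.append((ts, "single-source", src))
        # Distributed flood: every source looks normal, the sum does not.
        over = len(recent) > total_limit
        if over and not aggregate_active:
            alerts.append((ts, "aggregate", len(counts)))
        aggregate_active = over
    return alerts

def sample_single_source():
    # Constructed traffic: three ordinary clients plus one noisy address.
    events = [(t, f"192.0.2.{c}") for t in range(0, 60, 2) for c in (1, 2, 3)]
    events += [(30 + i / 5, "198.51.100.7") for i in range(100)]
    return sorted(events)

def sample_distributed():
    # Constructed traffic: 200 addresses, each sending one request per 10 s.
    return sorted((10 * k + s / 20, f"203.0.113.{s}")
                  for k in range(3) for s in range(200))

if __name__ == "__main__":
    for name, sample in (("single", sample_single_source()),
                         ("distributed", sample_distributed())):
        print(name, detect_floods(sample))
```

In the distributed sample no address ever exceeds the per-source limit, so only the aggregate rule fires; that rule cannot tell a flood from a legitimate traffic spike, which is the difficulty the paragraph above describes.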
We have yet to see the day when cyber-criminals have to fear immediate retribution for the acts they commit. A would-be thief plotting to shoplift might think twice when they see a police officer on duty, but cyber-criminals’ activities often go completely unnoticed. Even when a culprit is identified, the perpetrator has typically had days or weeks to cover their tracks.
One day this will change and the easy money cyber-criminals seek will become less attractive, but until that day comes, it’s important to remain vigilant.