Blog

Stay Updated With The
Latest IT News

cybersecurity-always-a-concern

Cybersecurity: Always a Concern

These days, barely a week goes by that there isn’t news of a significant cybersecurity breach, malware infection, or ransomware attack on an organization, institution, or government. And those are just the ones that make the news; many smaller attacks occur, across the globe, daily.

Every company — of any type or size — needs to understand the basic components of cybersecurity and take steps to reduce the risk of an attack as much as possible. There is some overlap among the components, but in the interest of keeping things simple, I have broken them into five areas….

#1. Device protection.

“Device” refers to the hardware used by an end user to access the Internet or company network. Typically, this is a computer, tablet, or phone.

Protection for personal devices like these is commonly referred to as “antivirus.” But it is more properly called “endpoint security” because a virus is only one type of bad thing that can occur. Worms, trojan horses, cryptojacking… these, in addition to viruses, are also examples of “malware” that can compromise a device. Once compromised, it can either do damage to that device or use it as a launchpad to attack others.

Device protection requires some type of “endpoint detection and response software” operating in the background that can both determine when something bad is happening (or attempting to happen) and take steps to shut it down and/or correct it. 

#2. Preventing things from reaching the device.

Here, the focus is on preventing the user from going places or doing things that might be harmful.

For example, there are products (e.g., Microsoft Defender for Office 365) that do a deep scan of any file attachments to ensure they are safe before allowing the user to open them. Products of this type will also do a deep analysis of any clickable link within an email, verifying their safety before redirecting the user to the URL in question.

This step represents an important, additional level of protection, because your endpoint detection and response software (#1 above), no matter how strong or up-to-date, won’t catch everything. 

#3. Preventing things from coming into your office.

Business class firewalls and intrusion prevention systems work together by controlling access to the network and monitoring both inbound and outbound traffic.

Just as the TSA oversees air travel by identifying suspicious individuals as well as restricting which types of items can be brought on board a flight, firewalls and IPS identify and prevent entry by bad actors and block certain activity (malware, spyware, etc.).

Here, security occurs “one level up” from the end user. If device protection is a locked front door, these protections represent a fence around the perimeter of the property, adding an additional degree of safety. Furthermore, if a compromised computer does get on the network, the firewall and IPS should be able to detect outbound traffic coming from these devices.

#4. Dark web monitoring.

Your sensitive personal and business information is in the hands of many third parties — banks, credit card companies, insurance companies, etc. If one of these is compromised, your username, password, and other private information can be revealed.

Further, because many people (foolishly) reuse the same username/password combinations in multiple places, when the bad guys get their hands on it in one place, they try that same combination in (literally) thousands of others.

Dark web monitoring companies look for signs of data breaches involving client information and credentials, notifying them if that information is being made available elsewhere.

#5. Training.

Items 1–4 above are all technical solutions. Working together, they can do an excellent job of reducing cyber risk and protecting your business.

But the component that is most often overlooked — and by far the most important — is the human element. The people in your organization have the most power to either keep the bad guys out or to circumvent all the other protections you’ve put in place and, essentially, open the front door.

That’s where training comes in. Everyone in your company should have an initial cybersecurity training when brought on board, and then a refresher at least annually to address new areas of concern.

There is Always Risk

There is no cybersolution available that will detect and prevent all threats. It doesn’t exist. The bad guys are always going to be a step ahead.

However, by carefully and consistently putting these components in place within your organization, you have the ability to drive the risk of those threats as close to zero as possible.

Andrew Cohen

Andrew Cohen

Having a reliable strategic partner in the realm of IT services and solutions is essential for achieving sustained growth through effective technological strategies. Our CEO, Andrew Cohen, is dedicated to helping clients optimize their technology to gain a competitive edge in their industries. At SMR, Andrew leads a team of highly dedicated professionals who are fully committed to providing exceptional IT services and solutions. With his extensive expertise and practical experience, Andrew ensures that clients receive unparalleled support and guidance for their IT projects. You can trust SMR to elevate your business systems and stay ahead in today's fiercely competitive business environment.