Networking: Trust Issues, Insecurity and How to Fix It All [Blog]

Product Manager Steve Burden gives practical, straightforward ways on how to keep your networks, your employees and your relationships with both on track.

67% of all cyber breaches involve credential theft, phishing, social engineering, or business email compromise[1]. Users are often the weak link in an otherwise secure environment; the unpredictable bull in the china shop of your security layer and this often creates an air of mistrust, which can sometimes lead to strained relationships between you and your employees.

But it isn’t their fault. They are fighting an uphill battle where they must perform every action relating to cybersecurity perfectly. It takes only one mistake to fall victim to a phishing attack, click on a link containing malware, or use the same credentials for multiple sites. This makes your organisation vulnerable to cyberattacks which completely bypass your expensive next-generation firewalls with complex policy configuration.

Training is important (and in fact is one of our main recommendations). However, deploying technology which complements human capabilities and bypasses human error is the most crucial step towards securing the workplace. There is no bad time to re-evaluate your end-user security technology stack but with today’s prevalence of homeworking and the increase in cloud apps, now is arguably a better time than ever.

Five key cybersecurity considerations:

Verify before you trust

Vulnerabilities can lie undetected for months – sometimes years.  Once one is discovered, attackers are quick to act before vulnerable end points are patched. Just because something is up to date today doesn’t mean it can’t be vulnerable tomorrow, and that means constant vigilance is paramount when dealing with end point security. Taking a zero-trust approach to security with technology such as Cisco Duo can help ensure every user and their device is properly authenticated and posture is assessed before accessing the network or applications.

Leverage the cloud

With more and more users working remotely, network-based security can only go so far. Protecting users as they roam, or even those working semi-permanently from home given recent events, is just as important as protecting them whilst they are in the office. Cloud-based solutions such as Cisco Umbrella make this easy, as well as allowing you to scale the solution up and down easily as requirements change, and protect users while they are on the move or on the sofa at home.

Train your staff

People make mistakes, we know this. However, it is pragmatic to provide regular and varied cybersecurity training to ensure these mistakes are minimised wherever possible. Make sure your users understand important preventative measures such as not reusing passwords, what not to share on social media and how to spot a phishing or malware website or email.

Don’t rely on passwords alone

The prevalence of credential theft and phishing shows the importance of not relying on password authentication alone and instead using multi-factor authentication (MFA) technology such as Cisco Duo. MFA requires multiple types of credentials before allowing access to a system – whether that is the remote access VPN or a particular application. Frequent additional authentication methods can include text message, hardware-based tokens (such as RSA keychains), or, as is now more frequently used, an application on a mobile phone.

Block the attack, not the consequences

It is significantly easier to prevent a cyberattack by stopping the payload rather than attempting to stop the result. For example, preventing an email with a phishing link from being delivered is more effective than relying on the user to identify a phishing attempt. And denying web traffic requests based on their reputation and content is more effective than relying on antivirus software to prevent a subsequent malware install. Cloud-based web security technology such as Cisco Umbrella, can provide a first line of defence in stopping threats as close to the source as possible.

How can Daisy help?

Daisy has many years’ experience in providing security technologies, with a longstanding partnership and accreditations with Cisco – as well as many others. If you know the solution you require, we can help scope and design it, before deploying and managing it on an ongoing basis. Alternatively, our Security Health Check is available to review your current cybersecurity policies and technologies, providing recommendations on which areas require the most attention. Please contact one of our security experts to find out more.

 

[1] Verizon 2020 Data Breach Investigations Report