Effective cybersecurity best practices involve deploying defensive technologies that leverage AI and ML to anticipate and prevent malicious activities. Some security providers claim to use AI or ML in their offerings, but they use it to optimize or automate processes rather than preventing cyber threats.
Keeping a good cybersecurity hygiene, stay aware of the trends and acknowledge that you have adversaries on cyberspace are mandatory. Your security journey start by understanding the four biggest risks of modern cybersecurity.
Security is a Technical Problem
This is probably the biggest mistake a organization can do. Thinking that cybersecurity, from the technical stack to the human factor, is just a big IT issue. Digital transformation of business and societies shift the position of information technologies from a nice to have to a must have. It is now a strategic issue. Thinking otherwise would be like picturing its organization, from the CEO to the workforce, as just a HR problem.
Information security leadership are challenged to be both technical expert and promote the cyber risk topic to senior management. They need to gain the support of the board and to become master of diplomacy and cyber war stories. They also need to create bridge with other department:
- Finance: quantification of budget and risks;
- Legal & Compliance: adherence to regulatory frameworks, internal rules and contractual requirements;
- HR: Hire cyber talent and retain them, train the staff on cybersecurity topics;
- Marketing: promote cyber initiatives as a competitive advantages.
Those are just a few example of how multi-disciplinary cybersecurity, hence the CISO job, is. The key to be secure is not to create boring awareness session. But to create a culture change initiated and promoted by the top management.
Not My Fault, It’s My Software Provider
Nation-state attackers are like a second rider in the darkness that has gone without notice for too long. Reflecting on the major cyber-supply chain incidents of the last couple of years, SolarWinds, Kaseya, Okta or the Danish Railway attack come to mind. These malicious actors exploit extensively used programs and services in the industry, transnationally.
This attack style requires considerable expertise and designing. It is ideal for advanced persistent threat adversaries that are equipped with the means to generate custom-made tools and exploits for their schemes. If the suppliers or vendors are not safeguarded from such attacks, neither will you.
I’m Too Small Or Uninteresting To Be Hack
Cyber risk has been greatly amplified due to ransomware and APT (advanced persistent threat) actors. Companies that believe they are too small or in an obscure location to be targeted are mistaken. Adversaries do not solely focus on size and location when selecting a target. Ransomware attacks are determined by an organization’s willingness to pay a ransom, while APTs may be more associated with economic or cyber geopolitical context and third parties.
Who wants to deal with small companies ? Anyone. So just like individuals or big corporation are rushing to contract with SMB, so does attackers that are following the value. That’s is why startup cybersecurity or SMB cybersecurity is necessary. It is not because you are small or you don’t see why an attacker would launch a cyberattack against you, that they will not.
I’ve Never Been Attacked Before
It is pure logic to say that you are never attack when you don’t look hard enough. And you are never attack until you do. Regrettably, many companies opt for only a reactive response to their cybersecurity protection, leaving them more vulnerable to any potential cyber threats.
Cyberattacks can take place in the blink of an eye, making it hard for the majority of companies to respond quickly. Furthermore, supply chain attacks and the complexity of the cybercrime environment are growing, leaving organizations exposed. Hackers usually assault these accounts with legitimate credentials such as distant access or admin and service accounts. It makes difficult for regular security controls to identify the initial activities.
If proactive and preventive security measures are not activated, it is likely that these activities will be found out after the fact. If even found.