Protecting Your Company from IT Security Breaches

Cybercrime is accelerating, with over 500,000 incidents reported last year. It costs businesses money, time and their reputation.

However, organizations can act proactively to reduce their risk and stay on top of trends. Sharing some insights on the state of cybersecurity, Rob Greggs, Senior Systems Engineer at Arctic Wolf, joined On Air host Brandy Semore.

“This stuff is real. It’s not just a cyber risk; it’s a business risk, and the statistics bear that out,” Greggs said.

With the attack surface broadening as networks become more sophisticated and more devices connect to it, such as IoT elements. Greggs described the three most concerning risks right now: advance persistent threat (APT), malware and ransomware.

“APT is a group of treat actors that go after an organization to establish a place to carry out threats, moving laterally through the network. The mean time to discover such an attack is 206 days,” Greggs shared.

Via an APT or other means, threat actors can introduce malware, which typically gets inadvertently downloaded by a user. Ransomware is malware to the next level and involves seizing and encrypting data and holding it for ransom.

“The common thread of these is human as an entry point,” Greggs explained.

To secure a company and its data, it needs many tools to prevent and detect. “The problem is not the tools; they are there. It’s the people needed to watch those tools. Bad things are happening, and no one’s watching,” Greggs noted.

To attain this visibility, organizations should take a cooperative approach between IT and application engineers. End-user awareness is also key, but Greggs cautioned that, “You want to educate them, not train them. Make sure they understand the risk and what they should and shouldn’t do.”