The holidays are upon us, and with them all the frenzy that they bring. There are just so many things to consider. Did you remember presents for everyone? What should you bring to the family potluck? Who will dad challenge to the Festivus feats of strength?
With all the craziness, the last thing anyone needs is further stress at work. Unfortunately, it’s also one of the most dangerous months for a company’s cyber security. Between Cyber Monday, the seasonal increase in online shopping, people traveling and taking time off from work, and the lack of attentiveness that comes from the business of the season, bad actors see December as a prime month for cybercrime. It’s no surprise that November 30th is National Computer Security Day.
So, this holiday season give your company and your employees the gift of peace of mind. Here are three ways to help keep your business safe from cybercrime. Alright, it might not be the most exciting gift, but what else do you want? A pony? The avarice never ends!
Update your old passwords
Ok, hear me out! I know this is an old trope, and it’s hard enough to remember all of the passwords we have for streaming platforms alone. But this is important! Password reuse is one of the most common causes of data breaches for businesses. Most employees (ok, most people in general), reuse one or two passwords, with minor variations, for the vast majority of their accounts. This is a huge problem. If someone has been using a password for years, on a variety of platforms, then all it takes is for one of those platforms to have their data exfiltrated, and suddenly all of the other accounts that person uses have been effectively compromised. Circulation methods on the dark web are becoming increasingly sophisticated. Bad actors aggregate, package, and sell entire databases of consumer data with personal identifiable information (PII). These databases, known as “Combo Lists,” may include information such as email addresses, passwords, healthcare records, prescription purchases, passport numbers, geo-location data, shopping habits, even your voting records. Some of these lists contain as much as 1.8 billion credentials. Once they have such information, cyber criminals can identify locations for account takeover and use open source software to automate the testing of username and password combinations.
Many of these sorts of breaches arise due to “accidental exposures,” which can occur in a variety of ways, from databases and servers being left open during cloud migration to devices connecting to Wi-Fi without proper security. Open devices become susceptible to automated crawlers which detect the open device and automatically exfiltrate the data. In effect, no manual labor is needed – latent vulnerabilities can be the subject of automatic attacks.
One of the easiest and most effective ways to combat this is to simply require employees to change and update their passwords annually. In addition, encourage your employees to use a unique password for work, and advise them to make it something long and memorable. Ironically, we’ve been training ourselves for years now to use passwords that are hard to remember, but easy for algorithms to crack – short words with random numbers and signs are simply no good. We’re telling you that Obiwan, Obiwan2, and Obiwan23 have got to go. A far better method is to simply take four random common words, and memorize a situation connecting them – the old correct horse battery staple method – to make something that’s instantly memorable and far harder to crack.
Update spyware and malware protection software
Many businesses operate under a “If it ain’t broke, don’t fix it” mentality. Sorry cowboy, but unfortunately, that simply does not apply to modern technology. Completing software updates will provide various revisions to your computer, such as adding new features, removing outdated features, updating drivers, delivering bug fixes, and most importantly, fixing security holes that have been discovered. With bad actors constantly working to update their methods of attack, our defenses need to be regularly updated as well. Obsolescence and discoverable vulnerabilities are problems enough, but they’re compounded by the proliferation of connected devices. As our office technology becomes increasingly connected, each point in the chain will come to represent a stress fracture for a potential data breach – in order to keep them communicating properly, they need to be updated.
Again, we all understand the pain that these things involve – letting the computer download and restart when you’ve already hit the ground running on your work is the last thing most people want to do. And if you have to manually find the updates? Fuggetaboutit. But the new year is starting soon, and it’s the perfect time to do a little digital spring cleaning.
Implement an automated IT platform
It’s amazing how some technology, even decades later, still seems to be so frustrating. The days of cubicle workers being frustrated by “PC Load Letter” may be long gone, but I suspect there are still more than a few people who’d like to take a baseball bat to some other new piece of tech.
SOC teams are becoming increasingly burnt out and overloaded by the sheer amount of data and tickets that they’re forced to deal with on a daily basis. Many teams spend an inordinate amount of time performing triage and dealing with issues that could be automated away because security operations still rely on manually created and maintained procedures and operations. This becomes even more dangerous when you factor in that burnt out employees are more likely to make mistakes, and the cost of such mistakes only add to the stress and the value of modern IT infrastructure. Imagine Buddy the Elf making etch-a-sketches.
Fear not, IT platforms have evolved greatly. One trending choice is a Security Orchestration, Automation and Response (SOAR) platform. SOARs help to organize and manage the growing volume of alerts and tickets that are increasingly consuming the time and budgets of security teams. By improving the automation of redundant and tedious tasks, analysts can be freed to focus on more difficult and more technical aspects of security. Using such a platform, security analysts can code “playbooks,” which effectively automate responses to given indicators, allowing the analyst to elegantly translate their expertise into actionable insight.
There are enough things to make people go crazy during the holidays – the stress of delivery delays, an overabundance of food and drink, that crazy chipmunk song that never seems to go away. Security operation teams can find a little peace by protecting their company and personal data now before the cider breaks out and the chaos begins.