Top 5 threats to your IT infrastructure

Last week I wrote an article about cybersecurity and compared it with physical security. Many books, methods, training courses, etc. write about the various domains of security, and of course you have to pay attention to all those domains/aspects of security, but the fact remains that the basics must be in order.

Looking for inspiration for a next article, I came across this article on jumpcloud.com*. An article that, as far as I am concerned, fits last week's message so well that I am reproducing it here in its entirety and unchanged. The human factor comes out strongly in it, as do basic processes (patch and release management) that are not in order, but also the physical side of security.

*Full source

The top 5 threats to your infrastructure

IT threats have devastating effects on the security of organizations. With corporations of all sizes struggling to keep up with the evolving techniques bad actors use, it’s important to evaluate the top five threats to your infrastructure and how to find or prevent them.

Phishing attacks

Scores of users have fallen victim to the phishing methods hackers employ. If a phishing attack is successful, bad actors gain entry to an entire network of sensitive information through a user’s email and password.

When it comes to recognizing phishing attempts, the key is security training. Compromised credentials are the No. 1 attack vector to any organization, so keeping users aware of existing phishing threats increases organizational security dramatically.

Are the users on your networks aware of common phishing techniques, and what these attacks typically look like? Make sure every user is knowledgeable about all types of phishing attacks, including spear phishing attacks that are cleverly personalized to look more legitimate.

Unpatched Software and Hardware

IT departments might leave on-prem vulnerabilities unpatched because of time or staffing constraints. And with teams often focused on more pressing tasks — like onboarding and offboarding — some vulnerabilities exist in perpetuity.

Most commonly, IT teams have a dependency that they need to fix before they can patch, which can be quite the complicated procedure. Though consistent patching ultimately makes systems more secure, admins fear these patches will create conflicts or issues that need to be resolved.

The process of patching can seem daunting and tedious to even the most experienced IT team. Though the procedure can be complex, through unpatched bugs bad actors can gain access to confidential information (like financial records), which they then obtain and often sell.

Finding these vulnerabilities is key to stopping hackers from gaining unwanted entry into your network. Make sure all software is up to date, and even consider moving existing hardware to cloud-based providers for increased security. Cloud patch managers can automate the process of implementing new patches and updates, effectively taking the anxiety out of keeping IT infrastructure secure.

Applications

For the second year in a row, 100% of web applications tested during the 2019 Trustwave Global Security Report possessed at least one vulnerability, with the median number of vulnerabilities rising to 15, up from 11 in 2017.

It’s often the case that employees download applications or browser extensions without first consulting their security or IT team. These actions welcome hackers that wreak havoc on organizational data, all while operating undetected.

The best method for mitigating these security risks is making sure users know to communicate what applications they want or need so that IT is aware of which applications need to be monitored or authenticated to.

Additionally, IT departments can utilize cloud-based identity and access management (IAM) to authenticate and authorize users to their applications. This provides users with the opportunity to leverage a single set of credentials for all approved applications, making the process of using apps simple and secure.

Ransomware

The frequency of ransomware attacks has continued to rise over the last decade, with global cybercrime revenues hitting $1.5 trillion annually. When it comes to ransomware, bad actors attack system endpoints and demand payment before agreeing to return user access to their device.

Finding evidence of a ransomware attack is often very simple, and it’s most important to contain the breadth of attack before the hacker can gain network access to sensitive information.

Make sure to educate users so they don’t click on or open suspicious attachments, as well as inform them about common signs of malware sites. Additionally, IT teams can install antimalware or AV software on all systems to dramatically decrease the risk of their endpoints being compromised.

Physical theft

Theft is another easy endpoint threat to spot, as long as users report when their device has been misplaced or taken. To best prevent data theft from a missing device, make sure all endpoints are secured by enforcing full disk encryption (FDE). Also, IT teams should make sure USB access is disabled, and that all systems are safeguarded through multi-factor authentication (MFA). By enabling FDE and MFA, as well as remote wipe and find my device, IT professionals reduce the risks of device theft.
