Fighting the cybersecurity knowns: 4 core components

Earlier this year, SevOne fell victim to a phishing scam that resulted in the release of W-2 wage and tax data belonging to current and former employees of the network infrastructure monitoring company.

After learning about the breach, management apologized and urged employees to follow “good data security” practices in order to lower their chance of becoming victims. That was sensible advice since an unauthorized outsider now possessed stolen sensitive personal information that could be exploited to file false tax returns or commit other forms of identity theft.

But the after-the-fact reaction also underscored a couple of frustrating paradoxes about contemporary cybersecurity.

  • More than 90 percent of cyberattacks are either known threats or variants of known threats, not zero-day attacks related to previously unknown software vulnerabilities, according to AT&T threat intelligence data. In theory, organizations should be able to detect and prevent attacks by employing proper defensive measures. Unfortunately, the battle is far from finished, with cybercrime expected to cost the global economy a record $445 billion this year.
  • While the sensational nature of headline-grabbing breaches may conjure up lurid scenarios of unstoppable and mysterious cyberpredators, the more mundane reality is that most organizations deserve some of the blame for their inadequate cybersecurity. And the urgency to bolster cybersecurity is only going to increase as enterprises digitize more of their internal and customer-facing operations with the adoption of the Internet of Things, cloud technology and mobile devices.

To be sure, adversaries are always looking for the next way into your organization and they will probe for network weaknesses. But you can handle the vast majority of known threats by implementing an approach to cybersecurity that balances prevention, threat detection and response. A newly published AT&T Cybersecurity Insights report for navigating the threat landscape offers the following recommendations:

  1. Invest in a multilayered approach: Organizations should integrate all aspects of their digital infrastructure. That includes networks, systems, cloud-based services and endpoint devices, ranging from desktops to smartphones to smart devices connected via the IoT.
  2. Keep patches and software apps current: Stay current on software patches and updates to avoid the dangers of software vulnerabilities. Even though most threats are known, their variants still pose dangers.
  3. Reduce impacts from any weak links: Not everyone necessarily has the same idea about what constitutes good cybersecurity practices - and that includes both employees and third-party vendors. Awareness and education programs can help increase employee vigilance. At the same time, any contractors or business partners should be required to abide by clearly articulated policies and controls around cybersecurity as a precondition for working with your organization.
  4. Make cybersecurity foundational: This is an era of IT transformation in which many organizations are migrating to more flexible infrastructures that use cloud services and software-defined systems and networks. All the more reason to ensure that security is a foundational component of these initiatives. If it is present right from the start, the result will be a more agile and more secure organization.

Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post.
