If you ever need a reminder of just how vulnerable corporations are to bad actors, look no further than the Colonial Pipeline ransomware attack.
People filled up plastic bags and containers with gasoline, governors declared state of emergencies and Colonial Pipeline paid a 75-bitcoin ransom – $4.4 million at the time – to get its data back.
Unfortunately, incidents like this are becoming all too common.
Cybercrime damages are projected to reach $6 trillion globally in 2021, according to a Cybersecurity Ventures report – and that number is only expected to rise. The cost of global cybercrimes is expected to climb 15% annually over the next five years, hitting $10.5 trillion per year by 2025.
So, what can organizations do to avoid becoming the next victim? If you answered, “Just purchase the latest and greatest security tools,” you might want to think twice.
Even the best security tools will fail to keep your business secure if you don’t have the basic security measures covered.
Keep all your security software up to date and ensure your systems are outfitted with the latest patches. Implement both ingress and egress filtering. The former prevents your internal network from being accessed and attacked from the internet, while the latter keeps data traveling outside your network secure.
Make sure your internal systems are segmented. That way an infection can’t spread from one system to another in the event malware penetrates your network. Additionally, keep your critical systems physically air gapped from outside connections. This will protect your backups from becoming infected if the rest of your network falls victim.
Be rigorous with your passwords. Require all employees to use strong, unique passwords and multi-factor authentication (MFA).
Prioritize cybersecurity education for employees. According to Verizon’s 2021 Data Breach Investigations Report, 85% of all breaches resulted from a human error. So, educate employees on the latest security threats, teach them how to spot phishing emails and confirm they know how to respond in the event of an attack.
Cybersecurity experts believe there will be a cyber incident every 11 seconds in 2021. In 2019, it was every 19 seconds; in 2016, every 40 seconds. Buying the newest and trendiest security tools may seem like the answer to keeping the bad guys out of your network, but there’s so much more that must be done.
If you don’t have the security basics covered, you might as well give hackers the keys to the kingdom because penetrating your system will be as easy as 1-2-3-(4).