Last month I had the honor of speaking to a group of nearly 400 at the 13th annual Nebraska Cyber Security Conference, organized in partnership between Southeast Community College and the State of Nebraska. How sensational, to be present among so many individuals who understand the importance of security and how it fits into their daily responsibilities. Thanks again to Dr. Paul Illich for hosting this well-attended event at Southeast’s brand new Career Academy, located in Lincoln. Thanks to Lt. Governor Foley for his support of this event. Last but not least, thanks to our vendors and educators who contribute their time, creativity, talent and resources to offer fresh, informative and entertaining breakout sessions each year.
Information security officers have a tough job. They seldom, if ever, get recognized for their efforts, that is, until they bring up a security concern that can impact someone’s project deadline. Not exactly the type of recognition they want.
Cyber Security is a serious job and it is important to every organization. My team attended the Cyber Security Conference, and they asked if I would blog about the topic. As I told them at the conference, It’s simple. An information security officer only needs to answer five simple questions… Riiiiiight. My team knows I am being facetious. Read on.
1. HOW DO WE DEFEND OUR ORGANIZATION AGAINST PHISHING ATTACKS?
Believe it or not, email is still the primary delivery vehicle for malware. 92.4% of Malware is delivered via email according to a Verizon 2018 report.
What does this mean? Organizations need to invest in security education and awareness for end-users. Even then, the above mentioned study shows that educating employees is not enough to keep sensitive, confidential and private data 100% secure.
2. HOW DO WE CONTROL THE USE OF PRIVILEGED IT ACCOUNTS?
Dell Solutions Fact: 69% of confirmed security incidents were perpetuated by insiders. More than half were former employees who regained access via accounts that were never disabled.
Privileged accounts provide access to highly sensitive and valuable data. When not managed properly, these accounts can allow others to gain unauthorized access to an organization.
3. HOW DO WE ENSURE OUR SOFTWARE AND HARDWARE ARE UP TO DATE?
Last year we saw one of the largest personal data breaches in history, when the personal data of 147 million people was stolen from the U.S. company, Equifax. What was the cause of such an enormous breach?
The answer is simple patch management. We must ensure that applications and operating systems are up-to-date, and fully patched. The hackers in the Equifax case utilized a vulnerability in the web application Apache Struts, but there was a patch available for this vulnerability months before the attack happened.
4. HOW DO WE CONTROL ACCESS TO SYSTEMS AND DATA?
Of 2,260 confirmed breaches, 63% leveraged weak, default or stolen passwords, according to Verizon’s 2016 Data. Access to data should be based on the “Need to Know”. By restricting access to data to those individuals that absolutely must have access to it, this reduces your attack surface.
5. DO YOU KNOW WHERE YOUR PERSONALLY IDENTIFIABLE INFORMATION (PII) DATA IS, AND WHAT MEASURES YOU ARE TAKING TO PROTECT IT?
A Voltage Security survey of nearly 300 IT professionals found that 48% didn't even know in which countries their data resided once it was uploaded to the cloud.
Identify sensitive data, and take steps to ensure it’s always encrypted. Perform regular scans to ensure that no plaintext data is on your systems.
October is National Cyber Security Awareness Month. I want to thank everyone for doing their part to ensure that we are security aware each and every month. As always, I appreciate what you do each and every day for the citizen of Nebraska.