With the threat landscape constantly changing, many IT security teams feel as though they’re playing a constant game of whack-a-mole. Just as protection is achieved against one threat, a new one emerges onto the scene.
At the same time, many organisations continue to struggle to identify and deploy the right security strategies and solutions. This could be due to a lack of resources, problems with prioritisation, or simply having a ‘It can’t happen here’ attitude.
Experience shows there are seven key factors that could be having a detrimental impact on an organisation’s IT security preparedness. These factors are:
- The rapid pace of digital transformation:
When large numbers of staff were forced to work from home in early 2020, many organisations accelerated planned digital transformation projects.This was required to ensure that home-based workers could access the resources they required to remain productive. However, in many cases, this increase in pace led to the rollout of new technologies without careful consideration of the security implications.
It is vital that organisations undertaking digital projects focus on the importance of cybersecurity. One area requiring particular attention is Privileged Access Management (PAM) which ensures staff only have access to the resources they require to complete their roles.
- A rise in the use of cloud resources:
Another thing that occurred as a result of the pandemic was a significant increase in the use of cloud resources. Remote workers made use of everything from cloud-based SaaS tools to video collaboration services as part of their daily work patterns.However, this mass shift to the cloud has created more opportunities for hackers who now have more attack vectors to explore and multiple pathways to enter a target IT infrastructure.
Adopting security practices focused on securing cloud identities can play a big role to decrease these risks. These practices include enforcing least privilege, discovering and managing cloud assets, and implementing application control.
- Weak password practices:
Research has repeatedly shown that many staff tend to use the same password for multiple purposes – across home and work accounts – or choose passwords that are relatively easy to guess, allowing for criminals to use automated tools that can cycle through thousands of passwords a second. They can also be tricked into revealing passwords to cybercriminals who then use them to gain access to the corporate IT infrastructure.To overcome the risk of poor password practices, equip staff with tools that offer credential injection capabilities. This will enable them to simply select from a list of credentials to log in to the systems they are approved to access. They no longer know or need a password and so cannot unknowingly divulge one to a cybercriminal.
- Too many admin rights:
Often, users are granted full administrative rights even when they don’t require them. However, this presents a huge security risk as overprivileged accounts are lucrative targets for cybercriminals.Stop attacks by tracking and controlling the use, assignment, and configuration of administrative privileges on computers, networks, and applications. Implementing the principle of least privilege and removing administrator rights is a key requirement for many compliance mandates around the world should be in place within all organisations.
- Malicious insiders:
Unfortunately, insiders are a leading cause of cyberattacks. While many insider breaches are a result of unintentional mistakes, in the case of this factor, it is the wrath of a disgruntled former employee that creates significant risks to cybersecurity.Taking positive steps to mitigate insider threat risks includes implementing least privilege, rotating privileged credentials frequently, and accounting for job role changes by changing or removing their access in a timely manner.
- Having too much confidence:
All organisations would like to believe their employees couldn’t be fooled by a phishing attack, however, reality is very different. The prevalence of phishing, along with the increasingly convincing and sophisticated methods of delivery that target privileged users, means that even well-trained employees will still occasionally fall for these tactics, and it only takes one slip to result in a major breach.In addition to user training, it’s important for organisations to enable solutions that mitigate the reduce the threat of compromised accounts by removing admin rights and implementing application controls.
- Insufficient staff on IT service desks:
IT service desks are often one of the more underfunded departments, however as staff numbers grow, so does the influx of service desk tickets. More recently, due to the pandemic, the large shift to remote working has also driven an increased demand for remote access and support.Enabling IT teams with the right tools for remote access and support are critical to driving productivity without compromising security. A comprehensive secure remote access solution enables efficient remote support to resolve technical issues on any device or system.
By being mindful of these issues, IT teams can take the steps necessary to improve their organisation’s level of cybersecurity. This ensures staff can remain productive and disruptions avoided.
