What are you doing about the threats against your organisation?
Written by Bob Adams, Product Marketing Manager at Mimecast. Published 18 April 2018.
“My company is impenetrable and no one could ever successfully breach our system in any way.” — Literally no security professional, ever.
I start off with this remark as a reminder that it’s truly impossible to say your organisation and your users are infallible.
• Are you confident the technology you have in place will always be available and stop the next attack targeting your business?
• Do you honestly trust your users?
These two questions—and many more—are important to consider when evaluating your environment.
Organisations can be taken down in numerous ways and it’s not a matter of if, but when, your company will be unexpectedly offline or the target of an attack.
Although technology has come a long way, it’s still subject to failure. That potential failure is something organisations need to plan for. In on-premises environments, administrators have long fought for the resources necessary to build out redundant systems with effective backups to ensure they have a failover if needed.
However, this comes at a price not all organisation can afford. Conversely, hosted and cloud-based environments are dependent on their providers for delivering availability and redundancy to keep them online.
Chances are high your business was targeted by some form of a targeted phishing or ransomware attack, but it’s important to understand how and why you’re a target. There are many drivers for attackers — mostly monetarily-driven, but data-gathering and corporate IP is of value as well. The reason for targeting also varies depending on the industry. For instance, healthcare organisations have become a prime target for attackers as patient data has skyrocketed in value on the dark web.
Regardless of an attacker’s reasons, you have something they want, and they’ll do whatever they can to get what they’re after. Therefore, it’s vital to understand that attacks have evolved exponentially in the past several years to the point where even seasoned security-conscious users can be duped.
Using advanced threat protection is the first step, but training users is crucial. Implement the right solutions and use teachable moments to train your users. They’re key to preventing targeted attacks from penetrating your defences.
Implementing periodic and continuous training, while also tracking your users’ results, will help you identify weaknesses and strengthen your human firewall. Your users are subject to attacks using malicious URLs, weaponized attachments laden with malware, and even advanced social engineering attacks attempting to get wire transfers or sensitive data.
Chances are you can think of several gaps in users that you may consider “weak links” and it’s only a matter of time before someone exploits that gap.
Just because you’re a target, doesn’t mean you are a victim.
Arc Systems provide a number of services which can protect your company from an attack. Take a look at our Cyber Security page, for further information. You can also contact our sales team on 01268 288100 or email us at [email protected]