CYBER SECURITY | 4 MIN READ
IT professionals and cyber criminals are constantly performing a sort of dance together. When cyber criminals move one way, IT professionals must move in response, and vice versa in a never-ending salsa. Since cyber criminals' tactics evolve constantly, companies must adapt their strategies in response. Keep reading to learn some top cyber security trends in 2020 and how you can secure your network.
Not enough time? Jump to:
Increased Cyber Attack Blocking
Increases in Remote Work-Oriented Security
Increased Cyber Attack Blocking
Ransomware attacks increased by 148% from February to March of this year and have occurred at an elevated rate since, highlighting how hackers are taking advantage of remote network flaws.
Cyber criminals have also taken advantage of the confusion surrounding the pandemic to carry out targeted phishing attacks, including COVID-themed schemes.
For instance, some attacks have involved employees receiving a link to register for a mandatory COVID test so they can return to the office.
This year's rise in cyber attacks means that businesses have had to be more diligent than usual with prevention/thwarting attempts and employee phishing education bootcamps.
Windows End of Life
As of January 14 of this year, Windows stopped supporting devices running on Windows 8 or earlier. While many businesses have upgraded their devices in response, some were slower to get up to speed.
Hackers knew that this was going to take effect and that some people would be slow to adopt the necessary changes, which is why some took advantage with targeted malware or phishing schemes.
Businesses previously running Windows 8 devices have had to quickly pivot this year towards mass upgrades to Windows 10 for all in-office devices.
Updates to Legacy Processes
Widespread shifts to remote work in March of this year laid bare the outdated cyber security processes that many companies were running.
When switching to a remote network, companies may have found that their firewall was outdated or that BCDR plans were not up-to-speed with how their business currently runs.
This year has given businesses an opportunity to identify and fix security gaps in their network.
Increase in Remote Work-Oriented Security
The start of the COVID-19 pandemic brought mass transitions to remote work. Many businesses who had not previously worked remotely were now tasked with sustaining business operations while maintaining network security.
With such a quick transition to a remote environment, many IT professionals had to scramble to find secure platforms for business operations, such as remote conferencing and messaging platforms.
Remote conferencing platforms such as Zoom quickly began to show security cracks as millions of users flocked to them, creating issues for IT departments to work around.
IT professionals also had to re-configure hardware/software such as VPN's and firewalls for a remote environment, which took some trial and error.
Increased phishing attacks this year meant that companies also had to implement further phishing educational measures to ensure that employees know how to recognize and avoid phishing emails.
How to Secure Your Network
Strengthen Your Passwords
Weak passwords are one of the easiest ways to give a hacker access to your network. If you have a WPA/WPA2 key that you can select yourself, consider strengthening it and protecting where it is written down to better leverage your cyber security infrastructure.
In general, you should limit how much you write down your passwords, whether they're on a sticky note, an Excel spreadsheet, or in the Notes app on your phone. This piece of advice extends to writing down your WiFi passwords anywhere too.
Writing a password down anywhere leaves it susceptible to being found by hackers. If a hacker were to gain access to your network, there is no telling the havoc that they could wreak.
Consider changing your network security key and other passwords every six months to keep them fresh and secure. Additionally, when creating a password or security key, don't use easy-to-find information such as birthdays or your children's names.
When creating a password, make sure it's long and complex. To make your passwords more complex, try creating a "passphrase" instead. Passphrases involve picking a meaningful phrase that you can remember, and making the first letter of every word the password.
RELATED: How Can I Create and Secure a Strong Password?
Implement Role-Based Security
If you're a business, consider this: company-wide free information access means that hackers have more chances of finding an employee with access to important accounts. Implementing role-based security in your company limits the number of people who have access to sensitive files that hackers can hold for ransom.
To minimize the risk of important information being leaked or stolen, assign different levels of security clearance to employees based on what information they need to do their job.
For instance, a blue level employee who is a sales representative might only have access to sales databases, while a red level employee who is an HR representative might only have access to HR databases. You can also restrict administrator rights so that only essential personnel like an IT manager have them.
Role-based security also prevents employees with bad intentions from accessing information that they didn't even need to see in the first place.
Educate Employees
Cyber security training that highlights best practices for keeping your data safe online is increasingly becoming an important aspect of employee instruction, especially for employees that aren’t tech-savvy. It is one of the most important factors in establishing and maintaining a secure company network.
You could have the most secure network in the world and your employees could still render it ineffective with poor Internet practices. The employees of your company are its greatest asset and, unfortunately, its greatest liability.
Having cyber security training for your company can educate everybody on Internet best practices, from how to detect spam emails to tips on creating secure passwords. Good cyber security training minimizes the risk of your other network security protocols being rendered ineffective.
Additionally, it decreases the likelihood that your employees will fall victim to cyber-attacks by opening spam or going to malware-infected websites. Establishing basic cyber security practices and policies helps make everybody aware of how to behave online.
RELATED: Why Your Employees Are Your Weakest Link
Consider Managed IT Services
If you are a business, you might feel overwhelmed with managing your cyber security infrastructure. Managed IT services can, among many other tasks, help you create a company-wide password policy that works for your business.
Additionally, managed IT services proactively handles your network's security by implementing safety measures, and then employ a team of IT experts to address any threats or issues that pop up.
In the event that a ransomware attack happens or your network goes down, they can reduce downtime by quickly recovering data due to their use of frequent and secure backups.
Don't wait to improve your cyber security.
Posted by Erica Kastner
Erica Kastner is a lead Marketing Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their network infrastructure.