Cyber Security Chronicles 5: Threat Prevention Tools
Cyber Security Chronicles 5
Education: Cybersecurity’s Forgotten Remediation & Threat Prevention Tool
The overall practice of cyber security is a vital part of a financially healthy and successful corporate environment. In the past companies have traditionally not made cyber security a top priority. However, this has changed in recent times because of the drastic rise in cybercrime that has infiltrated the corporate landscape. This has created a greater sense of urgency to fill corporations all over the world with cyber security professionals that can offer valuable corporate services that help alleviate the growing cybercrime threat that every corporation faces. The big explosion of cyber security job roles and services can also be attributed to all the recent information breaches as well as leaks broadcasted all over the airwaves of television, radio, and the information highway, we call the Internet or World Wide Web. It has become apparent that no corporation, government entity, or even the personal assets of regular citizens is safe or immune to the onslaught of constant attacks attempted or executed frequently by persistent cyber criminals from all over the world.When it comes to defending against cyber criminals, most organizations are at somewhat of a disadvantage because of a lack of qualified cyber security professionals with the required knowledge and adequate experience to properly defend an organizations’ growing threat landscape. This shortage of cyber security professionals can also be attributed to the cyber security practices glaring weakness of generating little or no ROI (return on investment), which is a statistic or metric most top-level executives are looking for when it comes to justifying expenditures of an organization. However, with the recent breaches to Yahoo, Equifax, Verizon, and even Pizza Hut; top-level executives and owners of these organizations are racing to obtain a solid cyber security posture by acquiring qualified cyber security professionals to create, implement, and maintain a failing or non-existent cyber security programs of practice.This is why I believe one of the most important but so often forgotten or overlooked tool for security incident prevention, remediation, and a solid cyber security foundation is education. I know most of you think of education as a program or programs when it comes to some organizations cyber security posture, but instead, I like to think of it as a vital tool to combat the threat landscape of an organization. Knowledge is a very vital part of a cyber criminal’s success when attempting to carry out an exploit on an organization and it usually starts with some kind reconnaissance, which is essentially learning or educating themselves of the organization's infrastructure to find vulnerabilities to exploit. Therefore, if cyber criminals use knowledge and education as a tool, so should organizations to defend against these criminals and their attacks. This should start with an education plan or template to set forth the cybersecurity posture of an organization. This will also help employees of the organization keep up with the ever-changing landscape of the cyber security practice. Which, should entail educating all employees of every department of the best practices of cyber security. This should be recursive, not linear with awareness through education and also drives forth acceptable use policies, procedures, best practices that help the organization achieve security goals. There are several reasons I believe education is a vital for organizations and one of the most important is the fact that more than half of all attacks are caused by insider threats.The insider threat consists of all sorts of actions from employees on the inside of an organization. The first one that comes to mind for most is the non-compliant or malicious user, but the inadvertent actions of an employee are a more frequent occurrence. Credentials are being exposed every day due to all kinds of phishing scams carried out by very clever and resourceful social engineers. There is also the frequent event of malware being spread throughout the organization caused by employees clicking a spam e-mail or unknowingly bringing an infected device to work. This is not to mention the inadvertent employee mistakes like sending info to the wrong address and many other accidental actions by employees that cause data loss that leads to exponential losses by the organization. Most of these mistakes could be avoided with proper awareness education training and emphasis placed on the importance of an effective cyber security program executed throughout an organization and the constant effort to ensure that the security best practices are always achieved by all employees in every department.I will leave you with some numbers to salivate on, they are provided by the Ponemon Institute, of the 874 incidents reported by companies, 568 were caused by insider employees or insider contractors mistakes or negligence. Only 85 were caused by outsiders using stolen credentials and 191 by malicious employees or criminals. Another report released by 2017 Insider Threat Report, stated 53% of organizations remediation costs were $100,000 or more, with 12% estimating a cost of a whopping 1 million dollars. I think you can see now why I believe that education to all employees in all departments is an absolute must for a healthy cyber security posture and overall security life cycle in any organization. There are many more reasons to make education a vital tool for an organization, like the most obvious to strengthen the organization's security employees’ knowledge and the overall security practice as a whole. Therefore, when you are thinking of ways to avoid the dreaded insider threat or looking for a way to combat cybercrime, do not forget education as one of the cheapest and easiest tools f0r remediation and use to help prevent some of these insider threats created from a lack of overall security knowledge. The insider threat will always be there but education could certainly be an effective tool to alleviate the high number of attacks caused by the insider threat created by an organization's own employee’s negligence, mistakes, and bad intentions.