Respond to Cyberthreats with a Layered Security Strategy

From the multifactor authorization you build into your applications and employee awareness training to a solid disaster recovery plan, build a multilayered defense against cyberthreats.

cyberthreat

Cyberattacks take many forms, and they are growing more and more advanced. Although ransomware attacks have decreased over the past year, the number of cyberattacks overall continue to grow with newer forms of attack, such as cryptojacking or cryptomining, coming to the forefront.

Todd Matters, RackWare’s Co-Founder and Chief Architect, says the cyberthreat landscape is “a race between malware builders and security solution providers. Anytime you come up with protection from an attack, the attack gets more sophisticated. It’s never-ending.”

Sash Sunkara, Co-founder and CEO of RackWare, says cybercriminals are motivated by the success they’ve had executing attacks and the ease with which they can profit from the sale of personal data.

“No enterprise is exempt from cyberattack threat,” adds Matters. “It can hurt the type of product you are trying to build and the people you provide it to.”

Multiple Layers of Security

With continually changing cyberthreats, it’s a smart strategy to use multiple layers of security.

Sunkara says it’s vital to have good security solutions in place that immediately alert you to malicious activity. “Without the right systems in place, a business could go months before they know that their computers have been infected. A security solution with alerts and reporting allows you to go back to a good point in time where data is not corrupted,” she says.

A business should also have a disaster recovery (DR) solution that allows them to recover data and operate in the event that their IT staff must deal with a cybersecurity issue. This is particularly vital in the case of a ransomware attack — if the business immediately knows when its files were corrupted, it can go back to that point in time, recover its data and avoid paying the ransom.

Sunkara and Matters stress that businesses should frequently test their DR solutions and their backup plans, so if they are attacked, they know exactly how to proceed to achieve the best outcomes.

Although solutions that provide alerts are crucial, it’s also important to beware of false positives. “False positives can trigger uncertainty,” says Sunkara. “It’s like the boy who cried wolf. When an IT team gets alerts and they turn out to be nothing, it’s easy to assume the next alert won’t be anything serious.”

ISVs can help keep their clients’ applications — and ultimate their networks and data — secure by requiring multiple levels of authorization to access a system. “Build that in from day one,” says Matters.

Make People Part of the Security Solution

With many cybercriminals using email as a way to get people to open attachments or click links, raising awareness and educating people about security best practices should also be a part of every business’ security solution. Sunkara comments that people are getting better at noticing scams and tactics that cybercriminals use, but “as we get smarter, the culprits are getting smarter, too. They’re able to fool smart people, making them click, and getting access to a business’ data sets.”

Matters says to remind your employees and your customers to look at an email’s URL before clicking any links or opening attachments — but that can still be deceiving. “The name of a legitimate company could be in the URL. It’s just not the correct URL for the company.” If there’s any question, open a browser window and type in the URL to see if it takes you to the correct site.

Sunkara again stresses the importance of an intrusion detection/alert system, a good DR solution, and a well-orchestrated plan for what to do in the event of an attack.