By Danny Lopez, CEO, Glasswall
Hygiene is a regular part of our daily routines. We brush our teeth, take showers, and participate in other practices to maintain health and prevent disease. When it comes to cybersecurity, it’s important to use the same approach. This is more than good housekeeping – the consequences of poor cyber hygiene can be far-reaching and have played a central role in the most widespread and damaging breaches in history. In a recent attack on New Cooperative in Iowa, for example, almost 10% of employees shared the same basic password, and there were over 650 instances of previously exposed credentials. Ensuring your hardware, software, applications, and files are maintained safely and securely should be central to the way every organization approaches cybersecurity and become part of a daily cyber hygiene routine to stay ahead of today’s sophisticated cybercriminals.
As we enter week one of National Cyber Security Awareness Month (NCSAM), it’s important to recognize the need to be cyber smart. Taking a proactive approach to your security strategy will not only alleviate stress but the risk that accompanies it. The ‘to do’ list is varied, but if your organization doesn’t regularly monitor and assess issues ranging from hardware and software updates, passwords, and device encryption to backups and user training, it risks falling short on critical security responsibilities.
The Cybersecurity and Infrastructure Security Agency confirmed that better cyber hygiene – specifically, blocking SolarWinds Orion servers from outbound internet traffic – might have helped prevent the supply chain attack. However, security commentators also have highlighted that hygiene alone would not necessarily remove the threat, rather slow down and inconvenience attackers.
Removing The Burden From Employees To Prevent Cyberattacks
Many organizations also see cyber hygiene as an issue that mainly applies to their users, how they approach cybersecurity, and the risks they inevitably bring. As a result, they put too much emphasis on ‘box ticking’ training, assuming it’s the best way to minimize the chances of a successful attack. There is always a place for promoting some level of cyber hygiene. By being diligent, we make successful breaches less likely. Increasingly though, attackers rely on predictable human behavior to tip the odds of success in their favor.
Organizations need to accept that minds can be hacked. Many of the attributes that make us unique, such as curiosity, or our ability to trust, or even our willingness to embrace routine, can mean that we are perfect participants in a game that is overwhelmingly stacked against us. This may be why phishing still tops the list as the top action varieties in breaches and has done so for the past two years. We need to remove threats from the equation before the decision to make an unwise choice is presented to the user. In 2020 alone, 75% of organizations worldwide experienced a phishing attempt. Most of us are perfectly willing to open an attachment or click a web link that appears to come from the CEO. The attacker has an unfair advantage in this scenario and will probably only be defeated if the threat is eliminated before the person chooses to trust the malicious content.
Considering A Fresh Approach Through Content Disarm And Reconstruction (CDR) Technology
With file-based cybersecurity threats increasing faster than ever, traditional reactive detection-based security solutions – such as antivirus and sandboxing – simply can’t keep up. Threat elimination lies at the core of content disarm and reconstruction (CDR) solutions. This approach proactively and instantaneously rebuilds files to a “known good” security standard, so customers benefit from safe, clean files that have been rebuilt to the manufacturer’s published specification, removing any places for malware to hide.
Let’s put this in context – approximately 1 in every 100,000 files contain malicious content, with 97% unknown to antivirus solutions at the time it is removed by CDR solutions. What’s more, it takes an average of 18 days for this malicious content to become known by detection-based antivirus solutions after its removal. Meanwhile, sandboxing exposes organizations to risk from advanced malware and disrupts business productivity. A Fortune 1000 company often sees millions of files each day flow through its users. Potentially, tens of files breach the last line of defense each day as traditional endpoint solutions are unable to remove the threats because they don’t have an adequate understanding of where novel malware hides in files.
Having a CDR solution in place will offer continuous protection and ultimately aid in your journey to improved cyber hygiene. Utilizing this, you’ll be able to focus on other aspects of your organization knowing that your files are safe and the burden of protection is not falling on the shoulders of your employees.