3. Human error and ignorance are the primary facilitators of successful cyberattacks.
According to the “Verizon 2021 Data Breach Investigations Report,” social engineering attacks were the single largest source of breaches, accounting for roughly one-third of incidents.
These types of attacks take advantage of employees’ lack of awareness or attention to detail in order to mislead them into providing credentials that could give an unauthorized third party access to the organization’s systems. A successful breach could allow bad actors to do any number of things: conduct a ransomware attack, destroy files, or extract consumers’ private banking information to sell anonymously on the dark web.
What’s more, the pandemic-fueled shift to virtual work environments has increased the risk of vulnerabilities – which attackers have been all too happy to exploit.
Here are five key areas of focus to improve your protection against – and mitigation of – cyberthreats of all kinds, along with key questions to ask in each:
Incident response plan. Are you testing your team’s awareness of and preparedness to respond to major cyber incidents? Are you assessing your response capabilities and taking actions to improve?
Social engineering training and testing. Are you training your workforce on social engineering schemes and assessing their knowledge through testing? Are you tracking the results of those tests and requiring additional training for those who “fail”?
Backup controls. If your organization is subjected to a ransomware attack, can you recover from a backup? How soon, and to what extent? How often are you running disaster recovery testing efforts? Are you sure your backups are complete and would be segmented from the impacts of a ransomware attack?
Vulnerability scanning and logging. Are your efforts to track vulnerabilities frequent enough, and are they rigorously reviewed? Also, are internal and external penetration testing layered into the process on a periodic basis?
Vendor risk management. How does your organization assess cyber risks in relation to your vendors? What mitigating controls do you have in place? How do you monitor vendor compliance and responsiveness?