In cybersecurity there is a lot of misleading information, and acting on it can open the door to unwanted risk in your organization.
Our team recently held a webinar where we discussed and debunked five common cybersecurity myths. Our security executive, Andy Riley, and our host, Nicole Morsilli, talked through the truth behind each myth and the steps your organization can implement today.
1. I have cyber risk insurance so I’m all set
Andy Riley: “The primary thing to realize is that you have to have a solid security program in place to prevent breaches from happening, and most cyber policies are going to require that you have minimum practices. So, paying attention to industry standards like NIST, ISO, PCI and HIPAA is going to get you in the right direction. It's imperative to understand from your insurer exactly what you're covered for and what their expectations are of you in terms of preventing the problem in the first place.”
2. Our MSP is taking care of our security
Andy Riley: “So, an MSP is typically more in the infrastructure realm. Regardless of the fact that you've outsourced to an MSP, there's typically a continued requirement for you to stay very heavily involved with the top end of the security stack: deciding what configurations need to go where, and making sure that your internal security policies match what you're trying to get accomplished.”
Nicole: “As a managed security service provider, we are the masters of security. So I think that's a big difference and something to take into account when you're deciding how to spend your budget and what your risks are.”
3. After catching malware on your network, you’re back to a known-good state
Andy Riley: “Usually malware is just the beginning of the story. A lot of times malware is an internal IT that can lie dormant for months or years, pending some action by the user. A lot of times when we do an incident response, we are looking at a couple of machines where the client thinks they have cleaned things up, but when we look deeper into the environment, we find that same malware and other malware on different machines. There's the idea that by the time your antivirus program catches the problem, the malware has already changed files and already laid down, or may be looking to do crypto mining. So it's important to really look at the whole organization and see if any systems that didn't come under the attack in question are also compromised. There may be something latent there that we need to worry about.”
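One way to act on that advice, as an added example (this is not code from the webinar or its presenters): take the file hashes recovered from the machines that were already cleaned, sweep every other host's file inventory for them, and report only the hosts outside the triaged set. The host names, paths and hashes below are constructed; in practice the per-host inventory would come from EDR, osquery, or a script such as the `hash_tree()` helper run on each machine.

```python
"""Post-incident IOC sweep across a fleet.  Added example, not the webinar's
or the vendor's tooling.  Assumptions: each host has an inventory of
path -> SHA-256 (collected with EDR, osquery, or hash_tree() below), and the
IOC hashes came from the machines already cleaned.  Host names, paths and
hashes are constructed for illustration."""
import hashlib
import os
from typing import Dict, Iterable, Set


def hash_bytes(data: bytes) -> str:
    """SHA-256 hex digest of an in-memory blob."""
    return hashlib.sha256(data).hexdigest()


def hash_tree(root: str) -> Dict[str, str]:
    """Hash every regular file under root: {absolute path: sha256}.
    Run this on each host to build the inventory that sweep() consumes."""
    inventory: Dict[str, str] = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):          # skip sockets, broken symlinks
                continue
            h = hashlib.sha256()
            with open(path, "rb") as f:           # stream so large files don't blow memory
                for chunk in iter(lambda: f.read(1 << 20), b""):
                    h.update(chunk)
            inventory[os.path.abspath(path)] = h.hexdigest()
    return inventory


def sweep(inventories: Dict[str, Dict[str, str]], iocs: Set[str],
          triaged: Iterable[str]) -> Dict[str, Dict[str, str]]:
    """Return {host: {path: sha256}} for every host *outside* the triaged set
    that holds a file matching an IOC hash: the machines the clean-up missed."""
    wanted = {h.lower() for h in iocs}
    skip = set(triaged)
    hits: Dict[str, Dict[str, str]] = {}
    for host, files in inventories.items():
        if host in skip:
            continue
        matches = {p: h for p, h in files.items() if h.lower() in wanted}
        if matches:
            hits[host] = matches
    return hits


# Constructed sample data: the dropper found on the two "cleaned" hosts, a
# miner it later fetched, and a benign binary for contrast.
DROPPER = hash_bytes(b"constructed dropper sample")
MINER = hash_bytes(b"constructed coin-miner payload")
BENIGN = hash_bytes(b"constructed benign binary")

IOCS = {DROPPER, MINER}
TRIAGED = {"WS-01", "WS-02"}          # hosts the client already cleaned
INVENTORIES = {
    "WS-01": {r"C:\Users\a\AppData\Local\Temp\inv.exe": DROPPER},
    "WS-02": {r"C:\Users\b\AppData\Local\Temp\inv.exe": DROPPER},
    "FS-01": {r"C:\ProgramData\svc\update.exe": DROPPER,      # same malware, new path
              r"C:\Windows\System32\svchost.exe": BENIGN},
    "APP-02": {r"C:\Windows\Temp\xmr.exe": MINER},            # second-stage payload
    "DC-01": {r"C:\Windows\System32\lsass.exe": BENIGN},
}

if __name__ == "__main__":
    for host, files in sweep(INVENTORIES, IOCS, TRIAGED).items():
        for path, digest in files.items():
            print(f"{host}: {path} ({digest[:12]}...)")
```

Hash matching only finds byte-identical copies; a real sweep would add the persistence artifacts (scheduled tasks, services, run keys) and network indicators from the triaged hosts, but the workflow is the same: collect from the whole estate, exclude nothing you have not actually verified.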
4. Threats are only external
Andy Riley: “Really juicy compromises have some sort of internal component to them, whether there's been a phishing e-mail and some credentials stolen. I mean, that's something that people don't realize as well: the use of legitimate credentials in your network against you is extremely common. It's a way to evade it. And it's pretty easy to do with respect to all of the data that's out there.
A lot of the unauthorized breaches, such as exposure of patient data in the health care environment, are from mistakes and errors: well-intending employees of the business trying to communicate that data outside the organization and making an error with it, not encrypting it or sending it to the wrong person. Paper Mill cases are oftentimes an e-mail, so paying attention to what the insiders are doing is really important, both to catch those errors but also to catch anybody who may have malicious intent.”
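An added example of the kind of detection this points to (not code from the webinar or its presenters): given authentication log lines in a simplified `key=value` format, flag any account that successfully logs on to more than three distinct hosts within ten minutes, which is what stolen but legitimate credentials look like when they are used to move laterally, and list successful logons outside business hours as a queue for insider-activity review. The log format, thresholds, business hours (assumed 07:00 to 19:00 UTC), hosts and account names are all constructed assumptions.

```python
"""Spot misuse of legitimate credentials in authentication logs.
Added example; not the webinar's or the vendor's detection content.
Log format, thresholds, hosts and accounts are constructed/assumed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional

# Constructed sample lines (assumed format: ISO timestamp, then key=value fields).
SAMPLE_LOG = """\
2024-03-04T09:02:11Z host=WS-01 user=jsmith src=10.0.5.22 result=success
2024-03-04T09:03:40Z host=WS-01 user=jsmith src=10.0.5.22 result=failure
2024-03-04T02:13:05Z host=FS-01 user=svc_backup src=10.0.9.3 result=success
2024-03-04T14:00:02Z host=WS-07 user=mjones src=10.0.5.40 result=success
2024-03-04T14:01:15Z host=FS-01 user=mjones src=10.0.5.40 result=success
2024-03-04T14:02:48Z host=DC-01 user=mjones src=10.0.5.40 result=success
2024-03-04T14:04:09Z host=APP-02 user=mjones src=10.0.5.40 result=success
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ) host=(?P<host>\S+) "
    r"user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>\S+)$"
)


def parse_line(line: str) -> Optional[Dict]:
    """Turn one log line into a dict; return None for lines that don't match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ev


def load_events(text: str) -> List[Dict]:
    """Parse a whole log, silently dropping lines in an unexpected format."""
    return [ev for ev in (parse_line(line) for line in text.splitlines()) if ev]


def fan_out(events: List[Dict], max_hosts: int = 3,
            window: timedelta = timedelta(minutes=10)) -> List[Dict]:
    """One valid account succeeding on more than max_hosts distinct hosts inside
    `window` is the signature of stolen credentials used for lateral movement:
    no exploit, no malware, just logons that each look legitimate."""
    by_user: Dict[str, List[Dict]] = defaultdict(list)
    for ev in events:
        if ev["result"] == "success":
            by_user[ev["user"]].append(ev)
    findings = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):          # sliding window over this user's logons
            hosts = {e["host"] for e in evs[i:] if e["ts"] - first["ts"] <= window}
            if len(hosts) > max_hosts:
                findings.append({"user": user, "start": first["ts"], "hosts": sorted(hosts)})
                break                             # one finding per account is enough
    return findings


def off_hours(events: List[Dict], start_hour: int = 7, end_hour: int = 19) -> List[Dict]:
    """Successful logons outside business hours (assumed 07:00-19:00 UTC): a
    review queue for insider activity, not an alert on its own."""
    return [e for e in events if e["result"] == "success"
            and not (start_hour <= e["ts"].hour < end_hour)]


if __name__ == "__main__":
    evs = load_events(SAMPLE_LOG)
    for f in fan_out(evs):
        print(f"lateral movement? {f['user']} reached {f['hosts']} from {f['start']:%H:%M}")
    for e in off_hours(evs):
        print(f"off-hours logon: {e['user']} on {e['host']} at {e['ts']:%H:%M}")
```

Service accounts such as `svc_backup` will show up in the off-hours list every night, so in practice the review is driven by an allow-list per account, and the fan-out threshold is tuned per role (an administrator legitimately touches more hosts than a clerk). The point is that neither rule needs any knowledge of malware: it looks only at logons the identity system considered valid.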
5. Total security is possible
Andy Riley: “Security is a journey; it's an ongoing process, and when you get to the end you start back over again. What we do day in and day out is look to help our clients remove the attack surface that could be accessed. We want to see bad attempts and then give advice on how to change the architecture of your current environment to make yourself less susceptible. What kind of policies and procedures do you need to implement? If you prep for one, there's one million plus right behind it to take its place, so it really is a process of learning and refining your strategy.”