Tim Bandos is CISSP, CISA, CEH is CISO and VP Managed Security Services at Digital Guardian and an expert in incident response and threat hunting. He has over 15 years of experience in the cybersecurity world and has a wealth of practical knowledge gained from tracking and hunting advanced threats that targeted stealing highly sensitive data. A majority of his career was spent working at a Fortune 100 company where he built an Incident Response organization and he now runs Digital Guardian’s global Security Operation Center for Managed Detection & Response. Here he shares his insights into protecting against insider threats.
How can businesses keep sensitive data safe in the ‘work from home’ age?
In recent years, many organisations have invested significant sums in robust on-premise data security solutions, only to see the seismic shift to home working render them redundant. However, all is not lost. By taking the time to educate employees on the importance of data security, organisations can be confident that their data remains safe during this unprecedented time.
Fortunately, there are a number of relatively simple security tips and behaviours that institutions can pass onto employees, helping to maximise data protection, both for themselves and for their customers. For instance, do not underestimate the power of a strong password. The humble password is still the first (and often only) line of defence against cybercrime. Another tip, enable two-factor authentication wherever possible. Two-factor authentication (2FA) is a great additional layer of security if a hacker or fraudster manages to successfully guess a password.
Another security lesson that’s easy to forget - never click on suspicious emails or links. If employees receive an email from an unknown source they shouldn’t open it, and they certainly shouldn’t click on any links or file attachments contained within it. It’s vital that employees are regularly reminded of the importance of strong email discipline, particularly when working from home.
How can businesses protect against insider threats?
Insider threats can range from absent-minded employees to disgruntled third parties, meaning organisations have to be extremely vigilant for any signs of wrongdoing. However, perhaps the most potent threat comes from one particular subset – departing employees. Departing employees have always posed big problems for organisations. Not only do they have the necessary access and knowledge of where sensitive data resides, but in many cases, they also have a motive. Of course, not all motives are malicious, but in some instances, data loss at the hands of a departing employee can be extremely damaging, both financially and from a reputational perspective. However, with the right safeguards and mechanisms, through a combination of the right technology and a robust process, businesses can monitor for the signs and tell-tale behaviour and make great strides towards minimising or even eliminating the threat posed by this group.
What is cyber insurance and what does it cover?
The increasing demand for cyber insurance is, sadly, a reflection of the growing threat that cyberattacks now pose to organisations of all shapes and sizes, across almost every business sector.
Cyber insurance is designed to protect a company against the financial damage that can be caused by the increasingly diverse range of cybersecurity threats out there today, for example, ransomware, hacks, data breaches, DDoS attacks and malware. In the event of an attack, companies need as many resources as possible to deal with it quickly. This is where cyber insurance can be incredibly helpful, especially for smaller companies.
While it should never be seen as a replacement for a robust cyber security strategy, it can provide an extra layer of protection for companies without the time or resources to recover by themselves. However, cyber insurance does raise some difficult moral questions as well, with some arguing that it actively encourages criminals to target companies known to have it in place, in the hope of an easy payday. Ultimately the choice of whether to invest in cyber insurance is an individual one, but it appears to be becoming an increasingly prudent one.
What are the benefits of migrating to the cloud?
Migrating to the cloud can be a daunting prospect at first, but it’s becoming an increasingly important and necessary one. To make this shift effectively, businesses must do their homework and find/create the right model for them. Once they do so, the rewards are immediate, offering businesses speed, agility and scalability, inherent security, increased efficiency, and not to mention affordability.
It’s taken a global pandemic to give some businesses the push they needed, but it’s safe to say very few will be returning to on-premises solutions, even if office-based working eventually becomes the norm again.