The Cyber Warfare Cell that Worries the West
Is North Korea behind the WannaCry Ransomware strain that hit a couple of weeks ago? A recent Reuters article points out what is happening in North Korea and it seems more and more signs are point towards their work. As you read the article it is obvious how underground, widespread and dangerous the world of cyber-crime has become and why it is so difficult to protect our digital assets.
That begs the question, "What can you do?"
Their are three main steps in securing your assets:
- Engage in Enterprise Risk Management on an ongoing basis. All of the regulations surrounding banks, medical, government, etc preach risk management and risk analysis. This is the first step in understanding your overall risks - not just cyber - and implementing strategies to mitigate them of which cyber is a significant risk. Understanding your risks then puts you in a position to start with number 2.
- Employ a defense system that is "in-depth" and multi-layered. This essentially means multiple lines of defense, or moats, that can protect your assets. This means that just a firewall, or a firewall + antivirus isn't enough. Multi-layered defense-in-depth systems employ multiple systems in order to mitigate and protect against the cyber risks that exist. This includes, but isn't limited to:
- Firewalls with intrusion detection and prevention systems at ALL locations
- Strong backup and business continuity systems, that are tested
- Incident response plans and incident response exercises
- Anti-virus and anti-malware tools to stop the known attacks
- Enterprise security event logging and management for tracking down where bad things might be happening
- Internet content blocking, control and reporting
- Audit logging and review of access, and access controls
- Penetration and vulnerability testing
- Social engineering "Red team" exercises that simulate attacks
- Train, Train, Train and train your team. Security awareness is what stops most attacks as most attacks are now targeted at the weakest link, the end user who will click on a link or open an attachment. Take steps to continually train your end users, test them and train them again.
We are partnering with the industry leaders in security awareness training for end users, KnowBe4.com to deploy their security awareness and testing tools to our customers. This will provide an integrated dashboard for creating "red-team" simulations on a regular basis, and then track what users did what and send them training. It also tracks the training, as well as training campaigns so we know who was trained, and who hasn't been. This type of tool is a critical component in the arsenal to help avoid costly mistakes.
To learn more about their tools go to their website.